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Two  federal  government  initiatives  make  information  technology  an  important 
agent  in  achieving  goals  for  improved  operation  of  the  federal  government  and  a 
revitalized  economy.  The  first  initiative,  the  planned  National  Information  Infra- 
structure (Nil),  is  envisioned  to  be  a seamless  web  of  communications,  net- 
works, computers,  databases  and  consumer  electronics  that  will  put  vast 
amounts  of  information  at  users’  fingertips.  In  September  1993,  the  Admini- 
stration issued  an  “Agenda  for  Action”  that  outlines  a role  for  the  government 
in  promoting  the  development  of  the  Nil  in  partnership  with  the  private  sector, 
and  in  ensuring  that  all  Americans  have  access  to  the  Nil. 

The  Nil  is  expected  to  make  information  available  to  users  in  the  form  of 
video  programming,  scientific  and  business  databases,  images,  sound  record- 
ings, library  archives  and  other  media.  Applications  and  software  will  enable 
users  to  access,  manipulate,  organize  and  digest  the  information.  The  develop- 
ment of  useful,  reliable  applications  is  a demanding  challenge  that  NIST  and 
other  government  organizations  share. 

The  second  initiative,  the  report  of  the  Vice  President’s  National  Performance 
Review  (NPR),  “Creating  a Government  That  Works  Better  and  Costs  Less,” 
calls  for  expanded  use  of  computer  and  telecommunications  technologies  to  do 
new  things  and  to  create  a government  for  the  future.  Applications  for  elec- 
tronic benefit  transfers,  tax  filing  and  reporting,  electronic  mail  and  access  to 
information  will  help  to  improve  the  efficiency  and  easy  use  of  government  serv- 
ices, and  to  develop  the  government’s  portion  of  the  NIL 

These  goals  for  the  Nil  and  the  NPR  will  depend  on  more  than  just  the  avail- 
ability of  the  technology.  The  information  must  be  accessible  in  a form  that  is 
useful.  Applications  and  software  will  be  needed  to  allow  users  access  to  the  in- 
formation. Most  important  perhaps,  people  will  be  key  to  creating  the  informa- 
tion, developing  the  applications,  and  using  the  services  and  facilities. 

The  Nil  and  NPR  give  us  a vision  for  using  information  technology  to  improve 
products  and  services,  create  new  ones,  compete  more  effectively,  and  empower 
people  to  be  more  creative  and  efficient. 

The  Computer  Systems  Laboratory  at  the  National  Institute  of  Standards  and 
Technology  works  in  areas  of  technology  that  are  essential  to  both  the  Nil  and 
NPR.  Standards,  guidelines,  research,  test  methods,  technical  agreements,  ad- 
vice and  assistance  are  needed  to  develop  interconnected,  secure,  reliable  com- 
puter and  telecommunications  systems,  and  to  accurately  transfer  information 
between  different  systems. 

To  achieve  these  goals,  we  continue  to  work  with  users,  industry,  and  other 
governments,  and  to  support  national  and  international  voluntary  industry 
standards  development  activities.  We  also  have  expanded  our  collaborations 
with  industry  organizations  and  consortia  that  promote  the  interoperability  of 
systems,  and  help  the  user  select  technical  solutions  that  will  work  together. 

This  annual  report  details  some  selected  standards,  technical  assistance 
and  research  efforts,  many  of  which  were  carried  out  in  conjunction  with  other 
organizations.  Workshops  and  conferences  have  been  important  in  creating  al- 
liances for  working  with  others  in  areas  from  applications  portability  to  wireless 
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communications  to  security  and  display  technology.  Our  Open  System  Envi- 
ronments (OSE)  Implementors’  Workshop  and  the  North  American  ISDN  Users’ 
Forum  are  examples  of  well-attended  and  productive  activities  that  support  the 
implementation  of  standards  in  commercial  products  and  services. 

Our  directed  research  projects  in  text  retrieval  methodologies,  automated  in- 
dexing techniques,  and  automated  character  recognition,  and  other  areas  led  to 
publications,  papers,  and  standard  databases  that  are  used  by  industry  in  de- 
veloping commercial  products. 

Security  and  reliability  of  systems  are  essential  for  public  confidence  in  infor- 
mation technology.  Last  year  we  completed  new  guidelines  and  standards  for 
computer  security,  and  advanced  the  development  of  international  evaluation 
criteria  for  specifying  the  proper  level  of  security  needed  by  users  to  protect 
their  data,  and  to  assure  system  availability. 

Completed  were  a standard  for  secure  message  digests,  the  reaffirmation  of 
the  Data  Encryption  Standard  for  five  years,  a standard  for  security  require- 
ments for  cryptographic  modules,  and  a specification  for  automating  the  gen- 
eration of  random  pronounceable  passwords.  Other  security  efforts  were 
directed  toward  developing  Smartcard  technology  for  authentication  of  system 
users,  analyzing  telecommunications  switches  for  secure  operation,  assisting 
government  and  industry  in  responding  to  computer  security  incidents,  and 
providing  guidance  on  anti-vims  tools  and  secure  databases. 

The  High  Performance  Computing  and  Communications  Program  continued 
to  be  a priority.  Organized  as  an  interagency  activity  in  cooperation  with  indus- 
try and  academe,  this  program  addresses  national  needs  for  advanced  comput- 
ers, high-capacity  and  high-speed  networks,  and  electronic  data  bases.  CSL 
activities  focused  on  the  development  and  commercialization  of  technology  to 
measure  performance  of  advanced  computer  systems. 

Numerous  standards  and  guidance  projects  were  concerned  with  improviug 
the  development  of  standards-based  integrated  systems  for  database,  graphics, 
and  other  applications.  A revised  version  of  the  Applications  Portability  Profile 
(APP)  was  completed,  as  were  standards  for  graphics  exchange  and  the  user  in- 
terface to  graphics  applications.  New  work  was  started  in  prototyping,  testing 
and  using  electronic  data  interchange  (EDI)  applications  to  lay  the  foundation 
for  the  government’s  electronic  commerce  initiatives.  We  cooperated  with  in- 
dustry in  developing  two  standards  that  adopt  widely  used  information  model- 
ing techniques. 

We  will  be  taking  a close  look  at  the  standards  process  this  year  in  conjunction 
with  other  federal  agencies.  In  October  1993,  I named  an  interagency  panel  to 
review  open  systems  network  requirements  and  to  recommend  policies  on  the 
use  of  networking  standards  by  the  federal  government.  The  panel’s  report  will 
cover  policies  and  alternatives  that  will  best  meet  the  government’s  near-  and 
long-term  needs  for  networking,  and  for  interoperability  between  the  different 
network  protocol  suites.  I expect  the  report  to  be  discussed  in  1994  and  to  be 
part  of  a broader  review  that  will  be  conducted  of  the  government’s  role  in  the 
information  system  standards  process. 


Studies  such  as  Global  Standards:  Building  Blocks  for  the  Future  carried  out 
by  the  Office  of  Technology  Assessment,  and  Crossroads  of  Information  Technol- 
ogy carried  out  by  the  National  Research  Council  have  pointed  out  that  the 
standards  process  is  slow  and  has  not  kept  up  with  the  rapid  changes  in  infor- 
mation technology.  Standards  that  are  developed  are  complex  and  allow  for 
multiple  options  that  must  be  selected  by  users  to  achieve  Interoperable  systems. 

There  are  other  barriers  to  national  and  international  connectivity  resulting 
from  the  division  of  responsibility  for  standards  development  among  different 
regulated  and  non-regulated  standards-making  bodies.  No  single  organization 
is  responsible  for  developing  standards  for  or  delivering  services  for  cable  TV, 
mobile,  broadcast  and  wireless  communications  technologies,  all  of  which  are 
becoming  a part  of  the  telecommunications  infrastructure. 

We  want  to  explore  if  the  government  can  strengthen  the  industry-driven 
process  of  standards  development  by  participating  more  actively  in  private-sector 
standards -writing  bodies  and  if  there  are  other  ways  to  work  more  closely  with 
industry  to  address  the  technical  barriers  to  interoperability  and  to  the  adoption  of 
new  technologies.  We  want  to  help  establish  a process  for  assisting  in  the  determi- 
nation of  the  standards  needed  for  the  Nil,  for  accelerating  the  development  and 
implementation  of  needed  standards,  and  for  coordinating  policies  for  standards. 

The  security  of  systems  and  networks  will  be  essential  to  the  success  of  the 
Nil.  Users  must  be  assured  of  the  integrity,  confidentiality,  and  availability  of 
the  information  that  is  transmitted  over  the  Nil.  Business  and  research  are  be- 
ing conducted  on  a global  basis  over  computer  networks,  yet  many  basic  safe- 
guards for  information  and  systems  are  not  available,  or  are  not  yet  endorsed 
as  standards.  We  realize  that  there  will  not  be  a single  security  solution  for  all 
applications:  however,  we  want  the  government’s  solutions  to  be  interoperable 
with  those  selected  by  other  communities. 

The  development  of  applications  for  the  Nil  will  be  a high  priority.  Manufac- 
turing applications  will  be  the  focus  of  many  projects  within  NIST.  We  will  also 
support  the  development  of  applications  for  government-wide  electronic  mail, 
electronic  commerce,  and  electronic  delivery  of  federal  services,  all  considered 
essential  for  an  effective  modem  government  by  the  NPR. 

We  will  be  assessing  solutions  both  within  and  outside  the  standards-setting 
machinery,  looking  for  answers  that  will  be  appropriate  for  rapidly  moving  ar- 
eas of  technology  and  that  will  help  users  make  suitable  technological  selec- 
tions. We  will  also  explore  different  ways  of  working  with  industry  and 
academia  to  solve  specific  problems.  We  are  especially  optimistic  that  coopera- 
tive research  and  development  agreements  (CRADAs)  will  be  useful  and  produc- 
tive in  addressing  issues  such  as  sharing  and  exchange  of  electronic  documents. 

1 look  forward  to  a productive  1994,  and  1 invite  your  comments  and  sugges- 
tions on  our  activities. 
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OVERVIEW  OF  THE  COMPUTER 
SYSTEMS  LABORATORY 


Director:  James  H.  Burrows 

Associate  Director  for  Computer  Security:  F.  Lynn  McNulty 
Associate  Director  for  Program  Implementation:  R.J.  Linn 
NIST  Fellow:  Dennis  Branstad 
Senior  Management  Advisor:  Judith  L.  Lyons 
Program  Coordination  and  Support:  Shirley  M.  Radack 
Voluntary  Standards  Liaison:  Michael  Hogan 

The  development  of  high  performance  computing  and  communications  networks, 
the  development  and  promotion  of  applications  such  as  electronic  commerce, 
and  information  security  and  network  reliability  are  all  significant  issues  which 
must  be  addressed  in  building  the  National  Information  Infrastructure.  This 
planned  network  of  communications  capabilities,  computer  systems,  data- 
bases, and  information  resources  will  revolutionize  the  way  people  live  and 
work  in  the  last  half  of  the  1990s  and  the  next  century. 

The  Computer  Systems  Laboratory  (CSL),  a major  research  component  of  the 
National  Institute  of  Standards  and  Technology  (NIST)  of  the  U.S.  Department 
of  Commerce,  contributes  to  these  national  goals  through  research,  technical 
expertise,  and  the  development  of  information  processing  standards,  guide- 
lines, and  test  methods.  We  support  U.S.  industry  by  fostering  the  develop- 
ment and  commercialization  of  advanced  computer  and  telecommunications 
technologies.  The  Brooks  Act  (Public  Law  89-306),  the  Computer  Security  Act 
of  1987  (Public  Law  100-235),  and  the  Omnibus  Trade  and  Competitiveness  Act 
of  1988  (Public  Law  100-418)  mandate  CSLs  programs  and  research  activities. 

CSL  is  a key  player  in  developing  technologies  that  support  interoperability  and 
openness  for  the  NIL  We  support  high  performance  computing  and  communi- 
cations through  research  and  development  of  advanced  technologies,  test  methods, 
and  standards  for  high-speed  networks  and  applications,  parallel  processing, 
data  storage  technologies,  and  software  tools.  Technology  advances  help  to  pro- 
mote new  integrated  applications  such  as  electronic  commerce,  manufacturing, 
and  delivery  of  government  services  and  information.  CSL’s  computer  security 
program,  in  effect  since  the  1970s  and  reaffirmed  by  the  Computer  Security  Act 
of  1987,  develops  ways  to  protect  the  integrity,  confidentiality,  and  availability 
of  valuable  information  resources  in  the  networked,  interoperable  computer 
and  communications  systems  of  today  and  the  future. 
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Meeting  Diverse 
Requirements 
Through  Open 
Systems 


Technoiogy  Transfer 


Interactions  are  Key 


Organizational 

Resources 


Users  have  a diversity  of  requirements  which  no  single  vendor  can  supply. 
Meeting  the  diverse  needs  of  government  and  industry  users  requires  an  operat- 
ing environment  in  which  hardware,  software,  and  telecommunications  prod- 
ucts Interoperate.  Through  cooperative  interactions  with  Industry,  users,  and 
voluntary  industry  standards  organizations,  CSL  supports  the  development  of 
technology  and  standards  for  application  portability,  interoperability,  and  com- 
puting architectures  which  support  open  systems.  As  a result,  more  off-the- 
shelf  products  are  now  available  commercially  to  move  information, 
applications,  and  technical  skills  among  dissimilar  computer  systems. 

Often  in  collaboration  with  industry  or  in  support  of  other  federal  agencies,  our 
laboratory-based  research  program  supports  and  complements  our  standards 
activities  and  technical  assistance  functions.  Research  areas  include  data  man- 
agement, software  engineering,  information  security,  network  architectures, 
and  advanced  systems  technologies.  The  development  of  test  and  measure- 
ment methods  to  evaluate  conformance  of  products  to  standards  remains  a sig- 
nificant part  of  CSL’s  research  program.  In  1993  three  researchers  received  a 
patent  for  their  work  in  automated  character  recognition,  and  six  patent  appli- 
cations are  currently  pending.  Technology  transfer  to  federal  agencies  and  In- 
dustry provides  for  broad  dissemination  of  new  technologies,  enhancing  gains 
In  U.S.  productivity  and  maintaining  competitiveness  in  the  global  marketplace. 

The  Cooperative  Research  and  Development  Agreement  (CRADA)  is  one  of  sev- 
eral measures  which  we  use  to  structure  our  interactions  with  federal  agencies 
and  industry  organizations.  In  1993,  we  collaborated  with  42  government,  in- 
dustry, and  academic  Institutions  through  CRADAs  to  pursue  common  goals. 
Our  ongoing  workshop  efforts  continued.  Including  the  Open  System  Environ- 
ment (OSE)  Implementors’  Workshop  (OIW),  the  Applications  Portability  Profile 
(APP)/OSE  Users’  Fomm,  and  the  North  American  ISDN  Users’  Fomm  (NIUF). 
We  established  a new  workshop  activity  in  the  area  of  wireless  technologies, 
the  Federal  Wireless  Users’  Forum  (FWUF).  Many  other  informal  interactions 
with  government  and  Industry  partners  involved  the  sharing  of  equipment  or 
expertise.  These  cooperative  arrangements  benefit  all  parties  involved  and  sig- 
nificantly speed  the  commercialization  of  new  products  and  emerging  technologies. 

CSL’s  technicEd  work  is  accomplished  in  five  divisions:  Information  Systems 
Engineering  Division,  Systems  and  Software  Technology  Division,  Computer  Se- 
curity Division,  Systems  and  Network  Architecture  Division,  and  Advanced  Sys- 
tems Division.  Our  professional  staff  consists  of  computer  scientists,  computer 
specialists,  electrical  and  electronics  engineers,  and  mathematicians.  Staffing 
resources  in  FY  1993  Included  251  full-time-equivalent  employees  of  which 
75%  were  professional  and  technical  staff  and  25%  were  administrative  sup- 
port persormel.  In  addition  to  CSL  staff,  about  40  research  associates,  guest 
scientists,  and  faculty  appointments  enhanced  our  research  program. 
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Funding  for  CSL  programs  in  FY  1993  consisted  of  $13.1  million  from  the 
NIST  Congressional  appropriation  (STRS),  including  $1.0  million  in  NIST-sup- 
ported  competency  funding  and  $18.5  million  in  reimbursable  funds,  mostly 
from  other  federal  agencies  for  direct  technical  assistance.  About  41  organiza- 
tions in  government  and  industry  received  reimbursable  technical  support  from 
CSL  in  FY  1993.  See  the  Technology  Transfer  section  of  this  report  for  a com- 
plete list  of  our  collaborative  interactions. 

Shafln^  Informstion  Our  organization  shares  information  and  technology  with  government,  busi- 
3 Pfiority  ness,  academia,  and  the  public  through  a variety  of  resources.  CSL  publishes 
Federal  Information  Processing  Standards  (FIPS)  and  guidelines;  special  publi- 
cations series  focusing  on  computer  systems,  computer  security,  and  ISDN; 
technical  interagency  reports  on  research  and  tests;  a quarterly  “CSL”  newslet- 
ter; and  a CSL  bulletin  series  published  about  eight  times  a year  on  topics  of  in- 
terest to  the  information  systems  community.  See  the  Technology  Transfer 
section  for  a list  of  FIPS  and  other  publications  currently  available  for  sale 
through  the  Government  Printing  Office  (GPO)  or  the  National  Technical  Infor- 
mation Service  (NTIS).  We  also  sponsor  and  host  a variety  of  conferences  and 
workshops  throughout  the  year,  and  our  staff  members  address  many  federal 
and  private  organizations. 

In  response  to  computer  users  with  dial-up  capability,  we  maintain  three 
electronic  bulletin  boards  which  provide  information  on  computer  security, 
data  management,  and  Integrated  Services  Digital  Network  (ISDN).  Our  Vali- 
dated Products  List  is  also  available  on-line.  Access  instructions  for  these  re- 
sources appear  in  Technology  Transfer. 

Technical  highlights  of  our  five  divisions  follow. 
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Data  Management 


Database  Languages 


INFORMATION  SYSTEMS 
ENGINEERING  DIVISION 

Chief:  David  K.  Jefferson 

Group  Managers:  Joseph  C.  Collica,  Database  & Graphics 
Bruce  K.  Rosen,  Data  Administration 
Mark  W.  Shall,  Graphics  Software 
L.  Arnold  Johnson,  Software  Standards  Validation 
Shirley  M.  Hurwitz,  Database  Languages 

Using  standards  as  a tool  to  integrate  business  applications  which  share  data 
electronically  is  an  efficient  and  cost-effective  means  of  improving  business 
processes.  To  accomplish  this  objective  for  federal  and  industry  organizations, 
the  Information  Systems  Engineering  Division  develops  standards  and  provides 
technical  assistance  in  data  management  and  database  languages,  data  admini- 
stration, computer  graphics,  and  software  standards  validation. 

Under  an  interagency  agreement  with  the  Department  of  Defense,  CSL  contin- 
ued its  assistance  to  the  Continuous  Acquisition  and  Life-Cycle  Support  (CALS) 
(formerly  Computer-aided  Acquisition  and  Logistic  Support)  project  in  the  appli- 
cation of  SQL  and  other  data  management  standards  to  CALS  requirements.  A 
preliminary  report  for  object  management  in  CALS  resulted  from  these  efforts. 
Support  to  the  Advanced  Research  Projects  Agency  (ARPA)  for  object  database 
technology  continued,  as  well  as  support  to  the  Department  of  Commerce 
(DoC),  O'ffice  of  Financial  Management,  in  their  efforts  to  acquire  a centralized 
financial  management  system  for  the  agency.  A draft  report  “Open  System  En- 
vironment and  Transition  Framework  for  Department  of  Commerce’s  Financial 
Management  System”  describes  this  technical  assistance. 

In  cooperation  with  the  Systems  and  Software  Technology  Division,  researchers 
completed  their  fifth  year  of  a project  in  hypertext/hypermedia.  The  laboratory- 
based  research  is  carried  out  in  the  Multimedia  Systems  and  Database  Labora- 
tories. Through  talks,  workshops,  and  publications,  project  members  shared 
knowledge  and  experience  in  the  integration  of  hypertext  technology  with  ex- 
pert systems,  database,  graphics,  publishing,  and  other  business  applications. 

Division  researchers  participated  in  the  development  and  coordination  of  a sub- 
stantial enhancement  to  Federal  Information  Processing  Standard  (FIPS)  127-1, 
Database  Language  SQL.  Published  as  FIPS  127-2,  the  revised  standard  is  for 
use  in  federal  procurements  of  relational  model  database  management  sys- 
tems. FIPS  127-2  adds  significant  new  features  for  schema  definition,  diagnos- 
tics management,  integrity  constraints,  and  international  character  set 
support,  as  well  as  new  data  types,  new  table  operations,  and  enhanced  data 
manipulation  expressions.  A new  Information  Schema  makes  all  schema  data 
available  to  applications. 

FIPS  127-2  provides  for  four  separate  levels  of  implementation;  Entry  SQL, 
Transitional  SQL,  Intermediate  SQL,  and  Full  SQL.  Although  only  Entry  SQL 
is  required,  initially,  for  conformance  to  FIPS  127-2,  a higher  conformance  level 
may  be  specified  by  agencies  to  meet  their  specific  requirements. 
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CSL  continued  to  support  the  implementation  of  the  SQL  standard  through 
its  conformance  testing  program.  Version  4.0  of  the  NIST  SQL  Test  Suite  be- 
came publicly  available  for  general  purchase  in  July  1993.  Version  4.0  pro- 
vides conformance  tests  for  the  Entry  SQL  level  of  FIPS  127-2.  Version  4.0 
provides  1 1 test  suite  types  (interfaces)  including  Embedded  and  Module  Lan- 
guage tests  for  Ada,  C,  COBOL,  Fortran,  and  Pascal  plus  Interactive  SQL  tests. 
Twenty-two  SQL  Test  Suite  licenses  were  added  this  fiscal  year.  Since  the  NIST 
SQL  Test  Suite  was  released,  over  140  SQL  Test  Suite  licenses  have  been  pur- 
chased for  all  versions  of  the  test  suite. 

Ddta  Administration  CSL  continued  its  support  to  the  voluntary  standards  efforts  concerning  the  In- 
formation Resource  Dictionary  System  (IRDS),  both  at  the  American  National 
Standards  Institute  (ANSI)  level  and  the  International  Organization  for  Stand- 
ardization (ISO)  level.  Both  standards  organizations  have  focused  their  efforts 
on  the  development  of  the  next  generation  IRDS  (IRDS2)  that  would  be  adopted 
as  a voluntary  industry  standard. 

CSL  maintained  its  leadership  roles  in  the  development  of  IRDS2,  including 
chciirmanship  of  an  IRDS  technical  subcommittee,  editorship  of  the  IRDS2  re- 
quirements document,  and  U.S.  International  Representative  to  the  ISO  IRDS 
committee.  Development  efforts  on  IRDS2  focus  on  utilizing  the  IRDS  as  a 
mechanism  to  integrate  the  results  produced  through  the  use  of  Computer- 
Aided  Software  Engineering  (CASE)  tools  throughout  an  application  system’s 
life  cycle.  CSL  is  concentrating  its  efforts  in  coordinating  ANSI  and  ISO  devel- 
opment work  on  IRDS2  so  that  the  final  standards  specifications  are  in  agree- 
ment. Integrating  the  ongoing  national  and  international  voluntary  industry 
standards  work  in  IRDS  with  the  work  now  underway  in  the  CASE  Data  Inter- 
change Format  (CDIF)  standards  committee  is  another  area  of  CSL  interest. 

Recently  approved  were  two  new  FIPS  for  software  modeling  techniques: 

FIPS  183,  Integration  Definition  for  Function  Modeling  (IDEFO),  and  FIPS  184, 
Integration  Definition  for  Information  Modeling  (IDEFIX).  The  FIPS  adopt  non- 
proprietary IDEF  modeling  techniques  developed  by  government  and  industry 
for  use  in  the  analysis  and  development  of  information  systems.  CSL  will  con- 
tinue to  work  closely  with  industry  to  expand  the  coverage  of  the  IDEF  model- 
ing methodologies  over  a larger  portion  of  the  system  development  life  cj^cle. 

CSL  maintained  working  agreements  with  the  Department  of  Education,  the 
Environmental  Protection  Agency,  the  Internal  Revenue  Service,  and  DoD  in  ar- 
eas such  as  tool  integration,  establishment  of  data  administration  policy  for  an 
organization,  and  integration  of  modeling  methodologies.  In  these  interactions 
and  others,  CSL  seeks  to  ensure  that  organizations  use  established  standards 
to  integrate  applications  which  share  data  electronically  in  an  open  systems 
environment. 

NIST  Special  Publication  500-208,  Manual  for  Data  Administration,  gives 
guidance  to  data  administrators  in  developing  and  implementing  a data  admini- 
stration function.  CSL  once  again  hosted  the  annual  Data  Administration  Man- 
agement Association  (DAMA)  Symposium  sponsored  by  the  DAMA  National 
Capital  Region.  This  year’s  conference  focused  on  “Business  Reengineering: 

The  Competitive  Edge.” 
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Computer  Graphics 


Software  Standards 
Validation 


Two  FIPS  which  will  have  significant  impact  on  federal  agencies  were  developed 
in  FY  1993.  FIPS  177,  Initial  Graphics  Exchange  Specification  (IGES),  allows 
agencies  to  exchange  computer-aided  design  and  computer-aided  manufactur- 
ing (CAD /CAM)  information  both  within  agencies  and  among  different  agencies. 
FIPS  177  helps  to  ensure  that  agencies  don’t  get  “locked  in”  to  one  CAD/CAM 
system  and  can  generate  CAD /CAM  data  on  one  system  and  manipulate  it  on  a 
different  system. 

FIPS  128,  Computer  Graphics  Metafile  (CGM),  was  revised  and  published  as 
FIPS  1 28- 1 . The  revised  standard  adds  a significant  amount  of  new  functional- 
ity and  adopts  the  CALS  Application  Profile  (MIL-D-28003A).  MIL-D-28003A 
was  originally  developed  for  the  DoD  community  but  is  being  commonly  imple- 
mented and  used  in  many  different  applications  both  within  and  outside  the  de- 
fense community.  Other  application  profiles  may  be  added  to  FIPS  128-1  tf 
found  to  be  useful  to  federal  agency  applications.  A draft  revision  to  FIPS  173, 
Spatial  Data  Transfer  Standard  (SDTS),  was  developed  to  add  a Topological  Vector 
Profile  (TVP)  for  the  transfer  of  vector  data  between  dissimilar  computer  systems. 

Conformance  testing  services  which  continue  to  operate  include  the  GKS 
Testing  Service,  the  PHIGS  Testing  Service,  and  the  CGM  File  Testing  Service. 

A CGM  Generator  Testing  Service  which  determines  conformance  of  generators 
to  FIPS  128-1  and  to  MIL-D-28003A  began  in  FY  1993.  A CGM  Interpreter 
Testing  Service  has  been  developed  and  will  be  beta  tested  next  year.  Both 
CGM  generators  and  interpreters  should  be  validated  and  certified  to  ensure  a 
complete  and  accurate  exchange  of  graphical  picture  data. 

CSL  signed  a license  agreement  with  the  University  of  Leeds  in  the  United 
Kingdom  which  allows  CSL  to  use  the  University’s  test  suite  to  perform  IGES 
testing  in  the  United  States.  The  test  suite  is  currently  being  beta  tested.  It 
will  be  used  initially  to  test  for  FIPS  177  and  will  later  be  enhanced  to  test  for  a 
subset  of  the  CALS  IGES  specification  (MIL-D-28000). 

Testing  programming  language  compilers  for  conformance  to  FIPS  and  Federal 
Information  Resources  Management  Regulations  (FIRMR)  continues  to  be  an 
important  service.  CSL  provides  validation  services  for  programming  languages 
COBOL  (FIPS  21-3),  Fortran  (FIPS  69-1),  Pascal  (FIPS  109),  Ada  (FIPS  119), 
MUMPS  (FIPS  125)  and  C (FIPS  160).  CSL  updated  and  released  new  test 
suites  for  COBOL  and  C this  year. 

Twenty-five  new  Database  Language  SQL  implementations  from  seven  ven- 
dors were  validated  for  conformance  to  FIPS  127-1,  resulting  in  a total  of  42 
SQL  implementations  currently  validated.  During  FY  1993,  CSL  provided  pro- 
gramming language  and  database  validation  services  to  30  private-sector  com- 
panies and  one  government  agency  for  a total  of  146  validations.  The  total 
number  of  programming  and  database  language  processors  currently  validated 
as  of  September  30,  1993,  is  511. 
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The  quarterly  Validated  Products  List,  a collection  of  registers  listing  imple- 
mentations of  FIPS  that  have  been  tested  for  conformance  to  FIPS,  grew  sub- 
stantially during  the  past  year.  The  VPL  now  lists  over  900  implementations 
(products)  covering  FIPS  conformance  testing  programs  for  programming  lan- 
guages, database,  graphics,  operating  systems,  open  systems,  and  computer  se- 
curity. Areas  covered  in  the  VPL  include  six  programming  languages:  database 
language  SQL;  graphics:  GOSIP;  POSIX;  and  computer  security.  The  publica- 
tion is  available  through  the  National  Technical  Information  Service  on  a single- 
issue  or  subscription  basis. 

In  cooperation  with  the  Department  of  Veterans  Affairs,  CSL  developed  a revi- 
sion to  FIPS  125,  MUMPS,  which  adopts  ANSI/MDC  11.1-1990.  Approved  and 
republished  as  FIPS  125-1,  the  standard  promotes  the  portability  of  MUMPS 
programs  for  use  on  a variety  of  computer  systems.  A test  suite  for  FIPS  125-1 
is  also  being  developed  and  is  expected  to  be  released  in  1994. 

CSL  maintained  a working  agreement  with  the  Department  of  Defense  to  ad- 
vance software  reuse  technology  for  improving  the  production  of  reliable  and  af- 
fordable software.  Focus  areas  in  software  reuse  are  domain  analysis  methods, 
software  reuse  terminology,  software  reuse  metrics,  and  software  reuse  incentives. 
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Open  System 
Environment 


SYSTEMS  AND  SOFTWARE 
TECHNOLOGY  DIVISION 


Chief:  Roger  J.  Martin 

Group  Managers:  Fritz  Schulz,  Distributed  Systems  Engineering 
Tom  Rhodes,  Software  Engineering 
Lawrence  A.  Welsch,  Office  Systems  Engineering 

The  linking  of  systems  and  networks  to  exchange  information  depends  upon 
the  interoperability  of  distributed  systems,  the  portability  of  applications,  and 
advanced  software  components  and  tools.  The  Systems  and  Software  Technol- 
ogy Division  addresses  these  and  other  challenges  in  distributed  systems  engi- 
neering, software  engineering,  and  office  systems  engineering. 

CSL  published  a major  revision  of  its  APP  Guide,  NIST  Special  Publication  500- 
210,  Application  Portability  Profile  (APP)  The  U.S.  Government’s  Open  System 
Environment  (OSE)  Profile/ 1 Version  2.0.  The  additional  specifications  provide 
guidance  on  services  required  to  support  distributed  systems.  The  APP  Guide 
defines  an  open  system  environment  (OSE)  framework  by  describing  the  infor- 
mation technology  (IT)  services,  protocols,  interfaces,  and  data  formats  needed 
by  the  U.S.  government  to  support  a broad  range  of  federal  applications.  In  ad- 
dition to  federal  agencies,  many  industry  organizations  have  adopted  the  recom- 
mended specifications  in  their  internal  environments  to  provide  better 
procurement,  management,  and  utilization  of  IT  resources. 

The  semi-annual  APP/OSE  Users’  Forum  provides  users,  vendors,  and  imple- 
mentors with  the  opportunity  to  gain  information  about  and  respond  to  CSL 
proposals  regarding  the  evaluation  and  adoption  of  an  integrated  set  of  stand- 
ards to  support  the  APP  and  OSE.  These  forums  promote  interchange  on  OSE 
developments  in  the  federal  government  and  provide  guidance  to  federal  agen- 
cies. The  format  has  been  expanded  to  include  mini-workshops  which  focus  on 
major  topics  such  as  OSE  Procurement  and  Security  in  OSE.  Attendance  at 
this  forum  has  doubled  in  the  past  year. 

Meeting  four  times  in  1993,  the  OSE  Implementors’  Workshop  (OIW)  is  a 
public  international  technical  forum  for  the  development  of  implementation 
agreements  (profiles)  based  on  emerging  international  standards  and  publicly 
available  specifications.  This  year,  the  OfW  expanded  into  OSE  applications 
such  as  electronic  commerce,  multimedia,  and  convergence  of  OSI  and  TCP/IP 
network  standards.  A new  process  was  established  to  respond  to  user  require- 
ments in  creating  profiles  and  a mechanism  was  developed  for  the  use  of  public 
specifications  where  required  formal  standards  do  not  exist.  NIST  Special  Pub- 
lication 500-206,  Stable  Implementation  Agreements  for  Open  Systems  Inter- 
connection Protocols,  Version  6,  Edition  1,  contains  the  agreements  approved 
by  the  OIW  to  date.  Harmonization  of  OfW  activities  with  those  of  other  re- 
gional workshops  continued. 
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Distributed  System 
Engineering  (DSE) 
Laboratory 


NIST  POSIX 
Conformance  Testing 


Integrated  Software 
Engineering 
Environments  (ISEE) 


The  DSE  laboratory  provides  a testbed  in  which  OSE-compliant  distributed  sys- 
tem technologies  can  be  integrated,  evaluated,  and  assessed  in  terms  of  their 
ability  to  support  application  software  portability  and  interoperability.  The 
laboratory  provides  an  infrastructure  to  allow  research  and  operation  of  distrib- 
uted system  software,  distributed  applications,  and  operation  support  tools.  A 
plan  has  been  developed  to  make  the  DSE  laboratory  useful  to  other  agencies 
and  organizations  in  developing  their  own  distributed  systems  laboratories. 

The  DSE  laboratory  program,  in  conjunction  with  other  agencies  and  indus- 
try, is  also  developing  a Core  Distributed  Platform  Profile  (DPP).  This  profile 
will  establish  a procurement  and  engineering  baseline,  identifying  the  mini- 
mum requirements  for  an  application  platform  to  qualify  for  inclusion  in  a 
distributed  system. 

Initiated  in  May  1991,  the  NIST  POSIX  Testing  Program  expanded  to  provide 
testing  for  the  newly  adopted  revision  of  Federal  Information  Processing  Stand- 
ard (FIPS)  151-2,  Portable  Operating  System  for  Computing  Environments 
(POSIX).  POSIX  promotes  the  portability  of  applications  software  at  the  source 
code  level  between  computer  systems  from  multiple  vendors.  Each  validated 
product  has  been  tested  by  an  accredited  testing  laboratory  using  the  NIST 
POSIX  ConforTnance  Test  Suite  (NIST-PCTS).  CSL  reviews  test  results  and 
issues  certificates  of  validation. 

Over  125  products  have  been  issued  validation  certificates  for  conformance 
to  FIPS  151-1.  In  September  1993,  CSL  began  issuing  certificates  for  FIPS  151- 
2.  Conformant  products  are  listed  in  CSL’s  Validated  Products  List  and  are 
also  available  on  electronic  mall  file  server  system.  To  obtain  a copy  of  these 
lists,  send  the  e-mail  message  “send  info”  to  the  e-mail  address  “posix@nist.gov”. 

An  information  serwer  has  also  been  established  which  provides  electronic 
access  to  APP/OSE  Users’  Fonam  and  OSE  Implementors’  Workshop  specifica- 
tions, documents,  and  schedules,  as  well  as  other  reports,  publications,  and 
draft  standards.  Services  currently  available  include  electronic  mail,  Internet 
File  Transfer  Protocol  (FTP),  Gopher,  and  World  Wide  Web  (WWW),  and  working 
group  forums  for  conducting  technical  work  on-line.  The  Infoserver  contains  a 
wide  range  of  CSL  publications,  POSIX  validated  products  lists,  and  implemen- 
tation agreements  useful  for  IT  vendors  and  procurers  of  OSE  products. 

This  project  seeks  to  define  an  open  system  ISEE  which  provides  software  tool 
integration  support,  repositories  for  software  development  artifacts,  and  com- 
munication facilities.  ISEE  will  include  a framework  which  supports  standards- 
compliant  interfaces  to  a set  of  necessary  services  and  a set  of  interchangeable 
tools.  The  ISEE  program  has  worked  closely  with  the  European  Computer 
Manufacturer’s  Association  (ECMA),  the  Defense  Information  Systems  Agency 
(DISA),  the  Navy’s  Next  Generation  Computer  Resources  (NGCR)  program,  the 
Software  Engineering  Institute,  the  Institute  of  Electrical  and  Electronics  Engi- 
neers (IEEE),  and  industry  toward  this  goal.  Reference  Model  for  Frameworks 
of  Software  Engineering  Environments,  jointly  developed  by  NIST  and  ECMA, 
was  published  as  NIST  Special  Publication  500-2 1 1 . 
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High  Integrity 
Software  Assurance 


Building  upon  the  proposal  to  use  the  PCTE  (Portable  Common  Tool  Environ- 
ment) Standard  as  an  important  component  of  an  ISEE  framework,  CSL  has 
collaborated  with  DoD  and  the  Object  Management  Group  (OMG)  to  establish 
the  OMG  PCTE  Initiative  (OPI).  This  forum  examines  extensions  of  the  PCTE 
standard  and  fosters  development  of  PCTE  validation  technology.  The  Divi- 
sion’s Software  Engineering  Environments  Laboratory  (SEEL)  provides  a test- 
bed and  demonstration  laboratory  for  PCTE  and  other  components  of  an  open, 
distributed  ISEE.  The  laboratory  provides  the  basis  for  Investigating  ap- 
proaches for  tool  and  repository  integration  and  the  guidance  needed  for  devel- 
oping tool  interface  standards. 

The  High  Integrity  Software  Assurance  project  addresses  the  production  and  as- 
surance of  software  for  use  in  high  integrity  systems,  those  that  must  be 
trusted  to  work  dependably  in  some  critical  function.  CSL  provides,  in  coopera- 
tion with  industry  and  government,  advanced  development,  analysis,  and  test- 
ing techniques  for  assurance  of  software  and  systems  as  well  as  standards  and 
guidance  on  this  subject.  NIST  Special  Publication  500-209,  Software  Error 
Analysis,  discusses  error  detection,  analysis,  resolution,  and  the  use  of  soft- 
ware metrics  and  statistical  process  control  techniques  for  both  process  and 
product  improvement.  GCR  93/626,  An  International  Survey  of  Industrial  Ap- 
plications of  Formal  Methods,  describes  the  purpose,  approach,  analysis  and 
conclusions  of  1 2 case  studies  of  industry’s  use  of  formal  mathematical  meth- 
ods for  defining  and  verifying  software  specifications  and  for  program  proving. 

The  High  Integrity  Software  Assurance  project,  in  coordination  with  the  Na- 
tional Science  Foundation  and  the  MITRE  Corporation,  is  seeking  to  establish  a 
Center  for  High  Integrity  Software  System  Assurance.  Through  this  center, 

CSL  will  identify  research  requirements  for  assurance;  coordinate  research; 
and  transfer  the  resulting  technology  into  federal  agencies  and  industry.  Vari- 
ous forms  of  sponsorship,  such  as  funds,  guest  workers,  and  CRADAs,  are  be- 
ing sought  from  other  agencies  and  industry.  In  addition,  a demonstration 
laboratory  for  methods  and  tools  that  support  high  integrity  software  assurance  is 
being  planned. 

Under  an  interagency  agreement  with  the  Nuclear  Regulatory  Commission, 
CSL  conducted  a study  of  software  hazard  analysis  techniques  and  the  present 
capability  of  Computer-Aided  Software  Engineering  (CASE)  tools  to  support  de- 
velopment and  assurance  techniques  needed  for  high  integrity  software.  Work 
included  the  definition  of  a framework  of  software  development  and  assurance 
processes  essential  for  high  integrity  software;  an  NIST/NRC  joint  workshop  on 
digital  system  design  issues  related  to  nuclear  safety;  and  workshop  proceed- 
ings. Extensive  work  has  been  conducted  in  the  development  and  use  of  a 
mathematical  approach  to  program  analysis  called  slicing  to  examine  software 
features. 
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Telecommunications 
Security  Anaiysis 
Center 


Office  Systems 
Engineering 


The  High  Integrity  Systems  Lecture  Series  continued  for  the  third  year  with 
national  experts  addressing  topics  of  total  quality  management  with  software 
quality  assurance,  software  reliability,  software  process  improvement,  and  re- 
verse engineering.  CSL  also  co-sponsored  the  Eighth  Annual  Conference  on 
Computer  Assurance,  COMPASS  ’93  which  addressed  the  issues  of  software 
safety,  process  integrity,  and  computer  security. 

Secure,  dependable  telecommunications  services  are  vital  to  both  government 
and  industry.  To  improve  the  security  and  integrity  of  the  U.S.  telecommunica- 
tions infrastructure,  CSL  is  developing  the  Telecommunications  Security  Analy- 
sis Center  (TSAC)  to  provide  advanced  analysis  and  testing  techniques  for 
assurance  of  security,  integrity,  and  reliability  in  telecommunications  systems 
and  software;  to  conduct  evaluation  of  telecommunications  systems  and  soft- 
ware, including  switches  and  operations  support  systems  that  provision,  test, 
administer,  and  maintain  various  network  elements;  and  to  develop  standards 
and  guidance  in  cooperation  with  industry.  Projects  include  research  in  formal 
methods,  feature  analysis,  and  program  slicing. 

Activities  in  office  systems  engineering  focused  on  developing  and  implement- 
ing computer-based  tools  to  enhance  productivity.  Since  many  tools  do  not 
work  well  together,  efforts  centered  on  the  use  of  documents  to  integrate 
computer-based  tools. 

In  collaboration  with  the  Information  Systems  Engineering  Division,  re- 
searchers continued  a joint  project  on  hypertext  and  hypermedia  technologies. 
Hypermedia  technologies  permit  the  integration  of  searching,  linking,  and  mul- 
timedia presentations  using  optical  storage  and  networked  systems. 

Other  program  activities  in  office  systems  engineering  included  the  develop- 
ment of  a strategy  and  testbeds  to  determine  how  well  documents  are  inter- 
changed between  systems  and  the  initiation  of  an  Open  Virtual  Reality  Testbed 
for  conducting  research  on  the  applicability  of  virtual  reality  technologies  in 
document  information  processing. 
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Electronic  Commerce 


COMPUTER  SECURITY  DIVISION 


Chief:  Stuart  W.  Katzke 

Group  Managers:  Miles  E.  Smid,  Security  Technology 

Stuart  W.  Katzke  (Acting),  Management  & Evaluation 
Stuart  W.  Katzke  (Acting),  Planning  & Assistance 
Robert  Rosenthal,  Protocol  Security 

With  the  growth  of  electronic  commerce  and  the  increase  use  of  networks,  the 
need  to  ensure  the  security  of  data  and  the  privacy  of  information  becomes  criti- 
cal. The  Computer  Security  Division  provides  guidance  and  technical  assis- 
tance to  government  and  industry  in  the  protection  of  unclassified  automated 
information  resources. 

As  a result  of  a new  Memorandum  of  Understanding  with  the  Department  of 
the  Treasury,  CSL  is  developing,  prototyping,  testing,  and  implementing  com- 
puter security  standards  and  procedures  to  protect  sensitive  Treasury  informa- 
tion from  unauthorized  access  or  modification.  Areas  of  cooperation  include 
accreditation  and  certification  of  sensitive  automated  information  systems 
(AIS):  risk  management:  security  management  guidelines;  open  systems;  LAN 
security:  security  architectures;  security  criteria  and  evaluation  methods;  sys- 
tems integration;  and  public  and  private  key  cryptographic  techniques  as  ap- 
plied to  electronic  data  interchange  (EDI),  electronic  funds  transfer,  electronic 
mail,  and  other  areas. 

CSL’s  Electronic  Certification  Project  (ECP)  captured  a 1992  Federal  Leadership 
Award  sponsored  by  Federal  Computer  Week  and  the  Open  Systems  Conference 
Board.  This  award  recognizes  federal  information  systems  projects  that  have 
helped  to  improve  the  government  significantly,  by  tangibly  improving  the  quality 
of  service  to  the  public  or  by  decreasing  costs  without  harming  mission  effectiveness. 

More  than  60  federal  agencies  now  use  electronic  certification  in  their  busi- 
ness applications,  including  the  Department  of  the  Treasury  which  uses  elec- 
tronic certification  to  process  19,000  agency  payments  each  month  worth 
about  $1.2  billion.  The  ECP  uses  computer  security  standards  and  advanced 
technology  developed  by  CSL  to  provide  an  electronic  signature  that  identifies 
the  sender  of  information  and  that  cannot  be  used  by  unauthorized  individu- 
als. This  capability  allows  federal  agencies  to  completely  replace  many  paper- 
based  systems  with  automated  electronic  systems,  reducing  processing  costs 
and  increasing  efficiency. 

NISTIR  5247,  Workshop  on  Security  Procedures  for  the  Interchange  of  Elec- 
tronic Documents:  Selected  Papers  and  Results,  presents  the  findings  of  a 
workshop  held  in  November  1992.  Co-sponsored  by  CSL  and  the  Office  of  Man- 
agement and  Budget,  the  workshop  focused  on  the  need  to  devise  rules  for  the 
use  of  security  procedures  in  the  electronic  transmission  of  documents  be- 
tween organizations.  This  transmission  process,  usually  utiliztng  EDI  stand- 
ards, results  in  reduced  paperwork,  shorter  response  time,  reduced  inventory 
requirements,  and  fewer  transcription  errors.  Federal  and  industry  applica- 
tions include  purchasing,  regulatory  and  environmental  reporting,  customs  and 
tariff  filings,  benefits  management,  and  claims  and  disbursement  information. 


13 


Standards  Are  Key 


Digital  Signatures 


The  Secretary  of  Commerce  reaffirmed  the  Data  Encryption  Algorithm  for  five 
years  and  revised  Federal  Information  Processing  Standard  (FIPS)  46- 1 , Data 
Encryption  Standard  (DES),  to  allow  for  implementation  of  the  algorithm  is  soft- 
ware, firmware,  or  hardware.  In  addition,  the  revision  allows  for  the  use  of 
other  cryptographic  algorithms  for  protecting  unclassified  data  provided  that 
these  algorithms  are  approved  in  FIPS. 

Also  approved  was  FIPS  140-1,  Security  Requirements  for  Cryptographic 
Modules,  which  will  enable  federal  agencies  to  speedy  their  security  require- 
ments for  cryptographic  modules  which  can  be  used  to  protect  unclassdied  in- 
formation in  a variety  of  different  applications.  Developed  by  a joint  government 
and  industry  working  group,  FIPS  140-1  specifies  four  levels  of  security  which 
will  give  agencies  flexibility  in  selecting  appropriate  and  cost-effective  security 
for  the  various  kinds  of  sensitive  information  that  they  process  and  for  different 
applications  and  environments. 

FIPS  180,  Secure  Hash  Standard,  was  approved  for  federal  agency  use  in 
protecting  unclassified  information.  FIPS  180  specifies  a Secure  Hash  Algo- 
rithm (SHA)  which  can  be  used  to  generate  a condensed  representation  of  a 
message  called  a message  digest.  Appropriate  applications  of  the  SHA  include 
electronic  mall,  electronic  funds  transfer,  software  distribution,  and  data  stor- 
age. CSL  plans  to  initiate  a SHA  validation  program  in  the  near  future. 

Also  approved  was  FIPS  181,  Automated  Password  Generator,  which  speci- 
fies an  algorithm  for  generating  pronounceable  passwords  that  can  be  easily  re- 
membered by  users  but  that  are  less  easily  compromised  than  passwords 
selected  by  users  directly.  The  standard  helps  government  organizations  to  im- 
prove the  administration  of  their  password  systems  for  authenticating  users  of 
computer  systems  and  for  authorizing  access  to  computer  systems. 

Digital  signature  technology,  which  provides  a replacement  for  the  handwritten 
signature,  is  a crucial  element  in  the  processing  of  electronic  transactions. 
Sponsored  by  the  Advanced  Research  Projects  Agency  (ARPA),  CSL  developed 
an  Advanced  Smartcard  Access  Control  System  (ASACS)  which  implements  the 
proposed  digital  signature  standard  on  a device  with  the  same  dimensions  as  a 
standard  credit  card.  Easily  carried  in  a wallet  or  purse,  the  smartcard  pro- 
vides users  with  a secure  means  for  generating  and  verilying  digital  signatures. 
Several  federal  agencies  are  initiating  programs  which  will  take  advantage  of 
the  technolo^  developed  for  the  ASACS  project. 

In  February  1993,  CSL  sponsored  the  Federal  Digital  Signature  Applications 
Symposium  to  provide  a fomm  for  discussion  of  common  problems  and  issues 
in  the  application  of  digital  signature  technology  to  federal  government  sys- 
tems. Also  held  was  a Common  Authentication  Architecture  Workshop  focus- 
ing on  the  preliminary  assessment  of  a common  authentication  architecture 
standard  for  the  federal  government. 
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NISTIR  5234,  Report  of  the  NIST  Workshop  on  Digital  Signature  Certificate 
Management,  December  10-11,  1992,  summarized  a workshop  which  CSL 
sponsored  to  review  existing  and  required  technologies  for  digital  signature  cer- 
tification authorities  and  liabilities.  A study  addressing  the  “Public  Key  Infra- 
structure” and  “Federal  Certification  Authority  Liability  and  Policy”  was 
initiated  as  a result  of  this  workshop.  The  anticipated  completion  date  of  both 
reports  is  February  1994. 

Criteria  and  in  collaboration  with  the  National  Security  Agency  (NSA),  an  agreement  was 
Evaluation  made  to  develop  a Common  Criteria  (CC)  document  for  trusted  computer  sys- 
tem technology  with  the  European  Community  member  nations  and  North 
America.  The  results  of  the  work  on  the  Federal  Criteria  for  Information  Tech- 
nology (FC)  will  be  submitted  to  the  six  member  Editorial  Board  (EB)  consisting 
of  three  members  from  North  America  and  three  from  Europe.  The  effort  is  ex- 
pected to  be  completed  in  the  Spring  of  1994.  Specific  technical  areas  of  the 
CC  will  be  developed  by  Technical  Groups  staffed  by  CSL. 

Work  continues  on  the  development  of  the  first  U.S.  commercial  evaluation 
program.  Trust  Technology  Assessment  Program.  A working  group  was  estab- 
lished consisting  of  civilian  and  DoD  agencies. 


Threats  to  Computer 
Systems 


Two  new  CSL  publications  assist  users  in  the  selection  of  appropriate  tools  and 
techniques  for  protecting  computer  systems  and  the  information  they  process. 
NIST  Special  Publication  800-5,  A Guide  to  the  Selection  of  Anti-Virus  Tools 
and  Techniques,  provides  criteria  for  judging  the  functionality,  practicality,  and 
convenience  of  anti-virus  tools.  NIST  Special  Publication  800-6,  Automated 
Tools  for  Testing  Computer  System  Vulnerability,  analyzes  factors  affecting  the 
security  of  a computer  system. 

As  a participant  in  the  U.S.  Army  Computer  Vulnerability/ Survivability 
Study  Team,  CSL  assessed  the  threats  to  computer  systems  which  use  commer- 
cially available  hardware  and  software.  NISTIR  4939,  Threat  Assessment  of  Ma- 
licious Code  and  External  Attacks,  examines  threats  from  malicious  code 
(viruses  and  worms)  and  human  threats  (hackers). 

Also  published  was  NIST  Special  Publication  800-8,  Security  Issues  in  the 
Database  Language  SQL.  The  report  examines  the  security  functionality  of  rela- 
tional database  management  systems  and  compares  those  functions  with  the 
requirements  of  the  SQL  specifications. 


Network  Security  CSL  and  the  National  Science  Foundation  co-sponsored  a workshop  to  address 

the  need  for  improving  the  security  of  the  National  Science  Foundation  Network 
(NSFNET)  and  the  National  Research  and  Education  Network  (NREN).  Work- 
shop participants  identified  off-the-shelf  security  technology  that  could  be  im- 
plemented in  the  NSFNET,  especially  to  control  access  to  the  supercomputers 
on  the  network.  NISTIR  5232  presents  workshop  results. 
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In  conjunction  with  the  MITRE  Corporation,  a working  paper  entitled  “Rec- 
ommendations for  Secure  Lower  Layer  Communications  Protocols  in  U.S.  Gov- 
ernment OSI  Networks”  was  developed.  A second  paper,  “Conformance  Testing 
of  Lower  Layer  Security  Protocol,”  was  presented  to  a symposium  on  military 
communication  networks.  Other  activities  included  a proposed  guideline  on 
telecommunications  security  and  guidance  on  planning  for  fiber  distributed 
data  interface  (FDDI). 

Shdrin^  Informstion  Exchanging  information  with  government,  industry,  and  the  public  remained  a 

high  priority.  CSL  continued  its  support  of  the  Forum  of  Incident  Response 
and  Security  Teams  (FIRST)  by  serving  as  the  secretariat  of  FIRST  and  chairing 
the  FIRST  Steering  Committee.  This  collaboration  of  government  and  private- 
sector  organizations  sharing  security  incident-related  information  continues  to 
grow  both  nationally  and  internationally. 

Established  by  the  Computer  Security  Act  of  1987,  the  Computer  System  Se- 
curity and  Privacy  Advisory  Board  met  five  times  in  1993  to  discuss  significant 
computer  security  issues.  CSL  also  hosted  six  meetings  of  the  Federal  Com- 
puter Security  Program  Managers  Fomm  to  share  experiences  and  information 
on  mutual  problems  and  possible  solutions,  and  sponsored  the  annual  meeting 
of  the  Federal  Information  Systems  Security  Educators’  Association  (FISSEA)  in 
Febmary.  Work  continued  on  the  development  of  a handbook  to  assist  indi- 
viduals in  protecting  their  information  resources. 

CSL  and  NSA  co-sponsored  the  16th  National  Computer  Security  Confer- 
ence, in  Baltimore,  Maryland,  in  September  1993,  for  about  1,800  participants 
from  government,  industry,  and  foreign  countries.  This  year’s  conference 
theme  was  “Information  Systems  Security:  User  Choices.”  The  Computer  Secu- 
rity Bulletin  Board  System  (BBS)  continues  to  improve  access  and  information 
resources. 
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Open  Systems 
Specifications 


GOSIP  Testing 
Program 


SYSTEMS  AND  NETWORK 
ARCHITECTURE  DIVISION 


Chief:  Kevin  L.  Mills 

Acting  Chief:  Anastase  Nakassis 

Group  Managers:  Anastase  Nakassis,  Automated  Protocol  Methods 
Fran  Nielsen,  Network  Management 
Michael  L.  Ransom,  Network  Protocols 
Steven  A.  Trus,  Network  Applications 
Gerard  F.  Mulvenna,  Network  Architecture 

Electronic  commerce  and  the  use  of  electronic  data  interchange  (EDI)  in  an 
open  systems  environment  are  key  goals  to  making  government  more  efficient 
and  cost-effective.  Programs  in  the  Systems  and  Network  Architecture  Division 
include  the  development  of  pilot  solutions  to  problems  related  to  electronic  com- 
merce and  EDI  as  well  as  the  development  and  standardization  of  communica- 
tion protocols  for  open  systems,  security  for  communications,  and  the 
development  and  application  of  automated  protocol  methods. 

CSL  has  cooperated  with  the  Canadian  government,  the  World  Federation  of 
MAP/TOP  User  Groups,  and  the  electric  power  industry  to  develop  the  Indus- 
try/Government  Open  Systems  Specification  (IGOSS).  The  IGOSS  is  a common 
specification  for  computer  networking  products  that  conform  to  the  Open  Sys- 
tems Interconnection  (OSl)  international  standards.  Version  1 of  the  IGOSS 
was  completed  in  late  1993. 

To  reassess  federal  requirements  for  open  systems  networks,  NIST  convened 
an  interagency  Panel  on  Federal  Internetworking  Requirements  to  recommend 
policies  that  will  facilitate  internetworking  and  convergence  of  the  Internet  and 
OSI  protocol  suites.  Panel  recommendations  may  be  reflected  in  future  ver- 
sions of  the  IGOSS  or  Federal  Information  Processing  Standard  (FIPS)  146-1, 
Government  Open  Systems  Interconnection  Profile  (GOSIP). 

Also  developed  was  a “Department  of  Defense  (DoD)  Electronic  Mail  Security 
Analysis”  document  which  recommended  changes  which  would  integrate  DoD 
security  requirements  into  commercial  electronic  mail  products. 

To  assist  federal  agencies  in  procuring  products  specified  by  FIPS  146-1, 

GOSIP  Version  2,  CSL  developed  a comprehensive  test  policy  and  procedures 
for  testing  OSI  products.  The  GOSIP  Testing  Program  is  technically  supported 
by  the  Joint  Interoperability  Test  Center  (JITC)  of  the  Department  of  Defense 
and  is  carried  out  in  cooperation  with  the  Open  System  Environment  Imple- 
mentors’ Workshop  (OIW).  The  program  provides  for  demonstration  of  techni- 
cal credibility,  acceptability  to  both  vendors  and  users,  assurance  of 
interoperability,  and  provides  a basis  for  international  recognition  of  national 
testing. 
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Security  Protocols 
for  Open  Systems 
Networks 


Protocol 
Convergence  and 
Coexistence 


Under  t±iis  test  program,  CSL  established  public  registers  for  GOSIP  Ab- 
stract Test  Suites  (ATSs),  GOSIP  Protocol  Information  Conformance  Statement 
(PICSs),  Validated  Means  of  Testing  (MOTs),  Interoperability  Test  Suites,  Accred- 
ited Conformance  Testing  Laboratories,  Approved  Accredited  Laboratories  for 
MOT  Validation,  Conformance  Tested  GOSIP  Products,  and  Interoperability 
Testing  Services.  Of  the  ATSs  for  those  protocols  for  which  conformance  test- 
ing is  mandatory,  approximately  40  MOTs,  16  accredited  laboratories,  and 
about  200  products  (including  derived  products)  are  on  the  respective  registers. 
CSL  has  implemented  a quality  improvement  system  covering  four  areas  of  its 
GOSIP  Testing  Program:  ATSs,  MOTs,  Labs,  and  Test  Reports.  Currently  un- 
der development  is  the  testing  infrastructure  for  the  IGOSS  and  planned  GOSIP 
Version  3.  CSL  has  also  started  a process  of  harmonization  with  the  Open  Sys- 
tems Testing  Consortium  in  the  European  Community. 

CSL  continued  to  be  instrumental  in  standardizing  lower  layer  security  proto- 
cols, as  a primary  participant  in  the  effort  to  develop  the  OSI  Network  Layer  Se- 
curity Protocol  (NLSP),  expected  to  achieve  International  Standard  status  in 
late  1993.  In  1993,  CSL  focused  on  standardization  of  OSI  upper  layer  security 
protocols  including  Security  Association  and  international  editorship  for  stand- 
ardized frameworks  on  integrity  and  confidentiality.  CSL  also  supports  the  de- 
velopment of  key  management  standards  by  providing  the  international  editor 
for  this  effort. 

Another  new  area  of  work  is  in  fostering  the  development  of  integrated  seeu- 
rity  protocols  that  can  be  used  in  multiple  protocol  stacks  including  OSI  and 
the  TCP/IP  suites;  this  work  is  part  of  a larger  CSL  program  to  promote  conver- 
gence and  facilitate  coexistence  among  protocol  stacks. 

CSL  is  playing  a leadership  role  in  exploring  and  documenting  combinations  of 
technology  derived  from  Internet  and  OSI  protocol  suites.  The  goal  of  this  work 
is  to  promote  coexistence  of  the  two  suites  whenever  possible  and  avoid  unnec- 
essary duplication  of  standardization  efforts,  with  the  eventual  goal  being 
coexistence. 

Researchers  are  helping  to  adapt  the  OSI  Connectionless-mode  Network  Pro- 
tocol (CLNP)  as  a proposed  solution  to  the  current  Internet  address  depletion 
problem:  this  proposed  solution  is  known  as  TUBA,  or  TCP  and  UDP  with  Big- 
ger Addresses.  Activities  in  this  area  include  authoring  several  TUBA  stand- 
ardization documents,  fostering  TUBA  deployment  through  prototyping  and 
demonstrations,  and  helping  to  resolve  CLNP  infrastructure  problems  associ- 
ated with  coordination  of  large  scale  routing. 

CSL  is  also  promoting  the  use  of  the  OSI  Network  Layer  Security  Protocol 
(NLSP)  within  the  Internet  protocol  stack.  CSL  efforts  in  this  area  include 
authoring  standardization  documents  and  prototyping.  The  goal  is  to  avoid  du- 
plication by  using  an  existing  OSI  protocol  to  supply  network  layer  security 
services  within  the  Internet.  The  Internet  currently  has  no  standard  for  net- 
work layer  security. 
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Cooperative 
Laboratory  for  OS  I 
Routing  Technology 


Electronic  Data 
Interchange 


Electronic 
Commerce 
Integration  Facility 


Another  area  of  work  involves  promoting  convergence  of  OSI  and  Internet 
network  management  technologies.  This  work  is  based  on  the  on-going  effort 
within  the  International  Organization  for  Standardization  (ISO) /International 
Telecommunication  Union-Telecommunication  Standardization  Sector  (ITU-T) 
and  Internet  Management  Coexistence  (IIMC)  working  group  to  provide  an  inte- 
grated, unified  view  of  a managed  network,  despite  differences  in  management 
protocols  and  information  structure.  CSL  is  working  on  three  related  prob- 
lems: the  development  of  a “proxy”  algorithm  that  allows  a Common  Manage- 
ment Information  Protocol  (CMIP)  manager  to  manage  resources  on  existing 
Simple  Network  Management  Protocol  (SNMP)  agents;  the  development  of  trans- 
lation procedures  to  map  between  various  forms  of  managed  object  databases: 
and  prototyping  security  services  to  provide  end-to-end  security  in  support  of 
the  proxy  translation. 

FIPS  146-1,  GOSIP,  provides  the  blueprint  for  federal  procurement  of  multiven- 
dor, interoperable  computer  networking  products.  Supported  by  the  Depart- 
ment of  Energy  and  the  National  Science  Foundation,  CSL  developed  the 
Cooperative  Laboratory  for  Routing  Technology  to  establish  a collaborative  re- 
search program  with  industry,  government,  and  academia.  The  laboratory  pro- 
vides an  open  testbed  facility  for  routing  products:  fosters  mature,  commercially 
available  routing  products:  and  develops  methodologies  and  prototype  tools  to 
support  conformance  testing,  interoperability  testing,  and  product  evaluation. 

In  February  1993,  CSL  hosted  an  open  laboratory  to  give  vendors  an  oppor- 
tunity to  demonstrate  the  use  of  Frame  Relay  technology  in  OSI  networks.  The 
objective  of  the  trial  was  to  demonstrate  the  viability  of  the  use  of  multi -vendor 
Frame  Relay  products  to  support  OSI  applications  and  the  Integration  of  Frame 
Relay  into  existing  OSI  networking  environments.  The  successful  demonstra- 
tions opened  the  door  for  inclusion  of  Frame  Relay  m the  emerging  IGOSS. 

CSL  assisted  federal  agencies  in  the  use  of  EDI  and  its  integration  into  open 
systems.  Researchers  completed  the  first  phase  of  a set  of  EDI  tools  to  assist 
users  in  prototyping,  testing,  and  using  EDI  applications  based  on  standard  or 
non-standard  transaction  sets.  Also  a system  to  transmit  EDI  transactions 
over  X.400-based  electronic  mail  systems,  FTAM-based  file  transfer  systems, 
and  Value-Added  Networks  was  completed.  The  Department  of  Defense,  the  In- 
ternal Revenue  Service,  and  the  General  Services  Administration  sponsored 
these  projects. 

An  Electronic  Commerce  integration  facility  project  was  established  to  promote 
interoperability  of  electronic  commerce  applications:  to  serve  as  a technology 
transfer  center  for  government  electronic  commerce  applications;  to  assist  in 
the  removal  of  barriers  that  prevent  the  use  of  electronic  commerce:  and  to  as- 
sist in  the  advancement  of  technology  required  for  electronic  commerce.  To 
achieve  these  goals,  the  integration  facility  will  perform  research,  development, 
and  testing  of  electronic  commerce  applications  and  infrastructure  services: 
provide  liaison  services  with  other  groups  involved  in  electronic  commerce;  and 
publish  documents  and  provide  consulting  services  related  to  electronic  com- 
merce to  federal  and  industry  users. 
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Network 

Management 


A cooperative  program  between  government  and  industry,  the  integration  fa- 
eility  will  include  a diverse  variety  of  generic  national-level  electronie  eommerce 
problems,  sueh  as  purchasing,  health  care,  and  manufacturing.  A portion  of 
the  planned  purehasing  application  will  be  eompleted  in  FY  1994. 

CSL  continued  the  phased  development  of  FIPS  179,  Government  Network  Man- 
agement Profile  (GNMP),  and  worked  with  industry  consortia  to  ensure  that  the 
developing  OMNIPoint  specifications,  defined  by  the  Open  Management  Road- 
map partnership,  address  the  full  range  of  network  management  requirements. 
Released  in  Fall  1992,  OMNIPoint  1 is  the  first  in  a series  of  ineremental  specifi- 
cations intended  to  provide  a common  approach  to  the  integration  and  manage- 
ment of  diverse  technologies.  To  further  this  proeess,  CSL  continued  to  lead 
efforts  in  developing  standards  and  implementors  agreements  for  key  areas  of 
network  management,  including  security,  performance,  and  eonformance. 

CSL  was  instrumental  in  harmonizing  the  network  management  abstract 
test  suite  (ATS)  and  will  continue  to  lead  efforts  as  the  ATS  progresses  through 
the  standards  process.  A new  area  of  work  involves  promoting  coexistence  and 
eonvergence  of  OSI  and  Internet  management  teehnologies.  Another  leadership 
role  involves  e-mail  management  and  the  development  of  managed  objects.  Ad- 
ditionally, CSL  is  translating  the  existing  SNMP  MADMAN  managed  objects, 
which  define  e-mail  and  directory  services  information,  into  OSI  Guidelines  for 
the  Definition  of  Managed  Objects  (GDMO)  format.  This  work  dovetails  with 
the  eoexistence  work  in  that  it  focuses  on  providing  a generic  approach  to 
e-mail  management,  regardless  of  differing  protocols  and  management  models. 
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Parallel  Processing 


Image  Recognition 


ADVANCED  SYSTEMS  DIVISION 


Chief:  Shukri  A.  Wakid 

Group  Managers:  Gordon  E.  Lyon,  Parallel  Processing 
Dana  S.  Grubb,  Data  Storage 
Wayne  McCoy,  Distributed  Systems 
David  S.  Pallett,  Speech  Recognition 
Charles  L.  Wilson,  Image  Recognition 
David  H.  Su,  Advanced  Communications  (ISDN) 

The  development  of  high  performanee  eomputing  and  communications  systems 
requires  advanced  tools  and  measurement  methods.  The  Advanced  Systems  Di- 
vision conducts  research  and  provides  reference  material  in  parallel  processing, 
data  storage,  automated  pattern  recognition,  distributed  systems,  and  Integrated 
Services  Digital  Network  (ISDN). 

Work  in  parallel  processing  is  focused  on  measurement  methods  to  improve 
high  performance  computing.  Hardware  researchers,  in  developing  low-pertur- 
bation data  capture  hardware  for  multiple-instruction,  multiple-data  (MIMD) 
systems,  attained  a substantial  achievement  with  the  Very  Large  Scale  Integra- 
tion (VLSI)  chip  MultiKron.  The  current  version  features  hybrid  event  trigger- 
ing, a bank  of  counters  for  accumulating  state  information  and  a separate 
hardware  data  collection  path  for  time-stamped  traces.  The  technical  transfer 
to  Intel  of  the  MultiKron  instrumentation  chip  technology,  under  the  auspices 
of  the  Advanced  Research  Projects  Agency  (ARPA),  brings  this  effort  to  a level  of 
accomplishment  from  which  new  directions  and  evaluations  are  being  pursued. 
An  experimenter’s  toolkit  is  being  developed  to  simplify  MultiKron  use  by  elimi- 
nating the  custom  system  integrations  now  needed. 

In  conjunction  with  NIST’s  Advanced  Technology  Program  (ATP),  researchers 
established  a new  research  program  in  the  important  commercial  area  of  integrat- 
ing flat  panel  displays  into  modem  computer  systems.  Since  the  liquid  crystal 
display  (LCD)  is  the  main  competitor  to  the  CRT,  the  effort  is  initially  directed 
toward  LCD.  The  interface  between  the  graphics  controller  and  the  display  device 
(LCD  or  CRT)  is  the  primary  focus  of  current  activities.  Aside  from  laboratory 
work,  the  project  explored  organizing  a special  interest  group  with  IEEE  and  SID 
(Society  for  Information  Display),  hosting  a workshop  to  organize  now  scattered 
efforts  on  interfaces,  and  pursuing  joint  research  on  flat  panel  interfacing  issues. 

Researchers  Charles  L.  Wilson,  Michael  D.  Garris,  and  R.  7\llen  Wilkinson  re- 
ceived a U.S.  patent  for  their  invention  of  an  application  of  self-organizing  neu- 
ral network  methods  to  segmentation.  In  character  recognition,  segmentation 
involves  separation  of  character  strings  into  letters.  The  invention,  called  Self- 
Organizing  Neural  Network  Segmentation  (SONNS),  uses  competition  between 
two  neural  networks  to  separate  a sequence  of  partial  input  signals  into  parts 
(segments)  from  different  object  metaclasses,  classes  of  classes.  The  invention 
consists  of  using  two  or  more  subnetworks  which  compete  to  define  data  sub- 
sets, such  as  objects  or  anti-objects,  according  to  previously  learned  examples. 
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Due  to  the  self-organizing  nature  of  the  network,  the  specific  characteristics 
which  constitute  the  subsets  of  classifications  can  be  specified  whoUy  by  examples. 

In  support  of  NIST’s  ATP  Neural  Network  Control  Project,  CSL  contacted  In- 
dustry organizations  to  evaluate  image  recognition  projects  accepted  for  ATP 
funding.  Project  applications  Included  controlling  the  application  of  adhesives 
on  rolled  surfaces  such  as  tape,  controlling  the  glue  curing  process  on  fiber 
wound  composites,  and  controlling  the  metal  plating  of  rolled  plastic.  Tech- 
niques developed  by  CSL  for  optical  character  recognition  (OCR)  are  being  used 
to  advance  neural  network  control  technology. 

Researchers  provided  Standard  Reference  Materials  (SRMs)  to  industry  for 
several  types  of  magnetic  tape  media,  on  a cost-reimbursable  basis.  See  the 
Electronics  Products  list  in  Technology  Transfer. 

CSL  hosted  the  first  Text  REtrieval  Conference  (TREC)  in  November  1992,  fol- 
lowed by  the  second  conference  (TREC-2)  In  September  1993  which  attracted  a 
larger  attendance  and  more  participating  companies.  Co-sponsored  by  CSL 
and  the  Advanced  Research  Projects  Agency  (ARPA),  the  conference  series  en- 
courages research  In  Information  retrieval  from  large  text  applications  by  pro- 
viding a large  test  collection,  uniform  scoring  procedures,  and  a forum  for 
organizations  Interested  In  comparing  their  results.  Proceedings  were  publish- 
ed as  NIST  Special  Publication  500-207,  The  First  Text  Retrieval  Conference 
(TREC-1);  TREC-2  proceedings  will  be  published  early  In  1994. 

Working  with  the  ARPA  spoken  language  community  since  1984,  speech  recog- 
nition researchers  have  advanced  the  state-of-the-art  of  spoken  language  proc- 
essing by  the  development  and  use  of  speech  corpora  (databases  of  speech, 
transcriptions,  and  related  materials)  by  this  research  community.  These  refer- 
ence corpora  are  used  for  system  development  and  test  purposes.  To  date, 
more  than  50  CD-ROMs  have  been  produced  to  disseminate  these  speech  cor- 
pora throughout  the  world-wide  speech  research  community. 

CSL  implemented  benchmark  tests,  used  to  track  technology  development 
for  several  speech  technologies,  for  three  ARPA  programs  m 1992-93.  These 
tests  involved  a number  of  research  organizations  including  AT&T  Bell  Labora- 
tories, BBN,  Boston  University,  Cambridge  University  (England),  CMU,  CRIM 
(Canada),  Dragon  Systems,  INRS  (Canada),  ITT,  CNRS-LIMSI  (France),  MIT  Lin- 
coln Laboratory,  MIT  Laboratory  for  Computer  Science,  Paramax,  Philips  (Ger- 
many), Sanders-Lockheed,  and  SRI  International.  Additional  tests,  including 
Ismguage  identification,  are  planned  for  future  years. 

CSL  signed  a new  Cooperative  Research  and  Development  Agreement 
(CRADA)  m 1993  with  the  University  of  Pennsylvania’s  Linguistic  Data  Consor- 
tium (LDC).  Several  of  the  CSL-produced  CD-ROMs  Incorporate  material  con- 
tributed by  Texas  Instruments  and  NYNEX,  who  are  Senior  Members  of  the 
LDC.  Researchers  also  participated  in  software  sharing  efforts  involving  Cam- 
bridge University,  MIT  Laboratory  for  Computer  Science,  and  SRI  International. 
CSL’s  benchmark  test  scoring  software  is  widely  used  mtemationally. 


22 


Data  Storage  Group 


Advanced 

Communications 


Researchers  in  data  storage  developed  a platform  for  concurrent  engineering 
using  high  performance  computer  and  communications  technologies.  The  plat- 
form will  be  used  for  demonstration  to  small  engineering  and  manufacturing 
firms  who  may  want  to  develop  such  systems.  Research  in  performance  and 
interoperability  of  collaborative  technologies  is  planned. 

Research  continued  on  data  integrity  for  optical  disk  and  other  high  den- 
sity/high bandwidth  data  storage  information  systems  in  support  of  industry 
and  government,  including  working  with  industry  to  develop  national  and  inter- 
national standards  for  data  integrity  in  optical  disk-based  information  system. 
Also  completed  was  the  development  of  optical  disk-based  platforms  to  demon- 
strate currently  available  error  monitoring  and  reporting  capabilities  for  356 
mm  and  300  mm  disks,  as  well  as  optical  disk-based  test  equipment  for  meas- 
uring defect  distribution  in  optical  disk  media. 

The  Board  of  Standards  Review  of  the  American  National  Standards  Institute 
(ANSI)  approved  as  an  American  National  Standard  ANSI/NIST-CSL  1-1993, 
Data  Format  for  the  Interchange  of  Fingerprint  Information.  CSL  held  three 
workshops  to  develop  a working  draft  of  the  revised  standard  and  then  con- 
ducted a canvass  ballot.  Following  the  successful  canvass  vote,  ANSI  approved 
the  standard  on  November  22,  1993. 

Researchers  measured  system  performance  and  interoperability  for  imaging 
on  local  area  networks.  Research  focused  on  data  compression/decompression 
techniques,  image  quality  measurement,  and  workflow  techniques  for  new  im- 
aging applications  in  government  and  industry.  Also  completed  was  the  devel- 
opment and  integration  of  a document  imaging  and  workflow  prototype  for 
another  federal  agency.  A more  advanced  prototype  for  a paperless  processing 
initiative  was  designed. 

CSL  collaborated  with  industry  to  develop  electronic  image  and  records  man- 
agement standards  and  to  provide  Standard  Reference  Materials  to  industry  for 
several  types  of  magnetic  tape  media.  Another  cooperative  venture  with  indus- 
try and  government  involved  testing  characteristics  of  CD-ROM  and  advanced 
CD  recordable  media. 

Providing  leadership  and  expertise  for  the  development  of  standards,  measure- 
ment techniques,  and  conformance  tests  for  high  speed  communications  proto- 
cols in  support  of  the  national  initiative  on  high  performance  computing  and 
communications  is  the  goal  of  this  research  area.  Staff  members  make  contri- 
butions to  development  efforts  in  high  speed  networking  through  research  pro- 
jects which  range  from  theoretical  analysis  of  protocols  to  actual  measurement 
of  network  performance. 

Support  for  nationwide  ISDN  deployment  continued  through  the  sponsor- 
ship of  the  North  American  ISDN  Users’  Forum  (NIUF)  which  met  three  times  in 
1993.  Through  the  NIUF,  users  of  ISDN  have  the  opportunity  to  work  with  im- 
plementors to  assure  that  users’  needs  are  met  in  the  design  process.  This  is 
accomplished  through  the  development  of  applications  requirements,  imple- 
mentation agreements,  and  conformance  criteria  which  provide  the  detailed 
technical  decisions  necessary  to  satisfy  the  requirements  in  an  interoperable 
marmer.  The  NIUF  interacts  with  industry  through  CRADAs;  currently,  there 


23 


Distributed  Systems 
Group 


are  35  CRADA  signatories.  CSL  published  NIST  Special  Publication  823-3, 

North  American  Integrated  Services  Digital  Network  Users’  Forum  Agreements 
on  ISDN,  which  compiled  the  existing  NIUF  agreements  for  an  ISDN  developed 
and  approved  in  the  forum  as  of  October  1991. 

FIPS  182,  ISDN,  was  approved  for  federal  agency  use.  The  standard  defines 
the  generic  protocols  necessary  to  establish  transparent  ISDN  connections 
among  government  networks  and  between  government  and  conformant  com- 
mon carrier  networks.  Providing  a minimal  set  of  bearer  services,  FIPS  182  is 
based  on  national  and  international  standards  and  on  implementation  agree- 
ments developed  by  the  NIUF. 

The  development  of  conformance  tests  continued  to  be  an  important  activity, 
including  a ongoing  effort  at  international  harmonization  of  test  procedures  as 
a step  toward  the  goal  of  widespread  availability  of  portable,  multi-vendor 
equipment. 

Researchers  focused  on  performance  optimization  or  enhancements  of  applica- 
tions using  high  speed  networks  based  on  wireless  and/or  wired  technologies, 
including  such  techniques  as  compression  and  encoding.  In  collaboration  with 
the  National  Communications  System,  CSL  initiated  a new  Federal  Wireless  Us- 
ers Forum  (FWUF),  an  association  of  individual  federal  government  wireless 
telecommunication  users.  Meeting  three  times  a year,  the  FWUF  identifies  the 
wireless  telecommunications  needs  of  federal  users  and  promotes  the  interoper- 
ability of  wireless  technologies. 

Another  area  of  investigation  was  application  and  interoperability  issues  re- 
lated to  applications  using  Asynchronous  Transfer  Mode  (ATM).  Working  with 
the  University  of  Maryland  and  COMSAT,  CSL  examined  the  issues  involved  in 
using  ATM  protocols  over  a satellite  communications  link.  Also  investigated 
were  appropriate  compression  techniques  for  use  with  medical  images  in  ATM- 
based  communications. 

Software  superdistribution  involves  freely  distributing  proprietary  software, 
but  collecting  fees  for  usage.  A new  project  sought  to  establish  the  technical, 
business,  and  legal  issues  in  a superdistribution  system  based  upon  ISDN  com- 
munications and  services.  With  assistance  from  George  Mason  University  and 
support  from  ARPA,  CSL  is  constructing  a testbed  for  exploring  various  ap- 
proaches to  distribution,  protection,  and  fee  recovery. 

With  the  National  Telecommunications  and  Information  Administration  and 
other  collaborative  partners,  CSL  evaluated  the  effectiveness  and  performance 
of  the  ISDN  over  the  Advanced  Communication  Technology  Satellite  (ACTS)  sys- 
tem, in  both  quantitative  and  qualitative  terms.  Researchers  completed  simula- 
tion tests  of  the  effect  of  ACTS  transmission  of  four  ISDN  applications: 
videoconferencing,  desktop  conferencing,  LAN  bridging,  and  large  file  trans- 
fer/image retrieval.  Initial  simulation  tests  will  be  followed  by  actual  satellite 
testing. 
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SELECTED  STAFF  ACCOMPLISHMENTS 

FY  1991  - FY  1993 


Department  of  Commeree  awards  for  major  contributions  to  Department 
programs  were  presented  to: 


Silver  Medal 

Shukri  A.  Wakid  - 1992 
Allen  L.  Hankinson  - 1991 
David  K.  Jefferson  - 1991 


Bronze  Medal 

Wayne  Jansen  - 1993 
Douglas  C.  Montgomery  - 1993 
Eklward  Roback  - 1993 
Dennis  Steinaur  - 1993 

Donna  F.  Dodson  - 1992 
Elizabeth  N.  Fong  - 1992 
Michael  Garris  - 1992 
David  E.  Cypher  - 1991 
Gary  E.  Fisher  - 1991 
Irene  E.  Gilbert  - 1991 
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Recognition  from  Externai  Organizations 

James  H.  Burrows  was  named  IRM  Executive  of  the  Year  1993  by  the  Federa- 
tion of  Government  Information  Processing  Councils  for  his  contributions  to 
the  IRM  community  in  developing  and  advancing  sound  IRM  standards  that 
enhance  the  delivery  of  quality  government  IRM  services  to  citizens. 

A 1992  Federal  Leadership  Award  was  presented  to  CSL’s  Electronic  Certifica- 
tion Project  by  Federal  Computer  Week  and  the  Open  Systems  Conference 
Board.  The  project  also  received  the  1993  Outstanding  Security  Technology 
Application  award  from  Personal  Identification  News  (PIN)  Magazine. 

James  H.  Burrows  was  awarded  the  1991  IRM  Leadership  Award  by  the 
Association  for  Federal  Information  Resources  Management  (AFFIRM). 

James  H.  Burrows  received  the  1991  Federal  Office  Systems  Exposition 
(FOSE)  Award  for  leadership  in  standards  development  for  computing, 
telecommunications,  and  computer  security. 

F.  Lynn  McNulty,  David  K.  Jefferson,  Allen  L.  Hankinson,  Roger  J.  Martin, 
and  Frederick  T.  Boland  received  Federal  100  awards  from  Federal  Computer 
Week  for  contributions  to  the  federal  systems  community  in  1991. 

Roger  J.  Martin  was  appointed,  in  1993,  to  the  X/Open  User  Council  which 
provides  strategic  input  to  X/OPEN,  an  international  consortium  of  major 
computer  companies. 

Roger  J.  Martin  received  the  Institute  of  Electrical  and  Electronics  Engineers 
(IEEE)  Standards  Medallion  in  1992  for  his  contributions  to  the  establishment 
of  POSIX  test  methods  as  standards  worldwide. 

Kevin  L.  Mills  received  the  Interagency  Committee  on  Information  Resources 
Management  1991  Award  for  Management/ Administrative  Excellence  for  effec- 
tive leadership  in  the  federal  systems  community  in  advancing  the  acceptance 
of  Open  Systems  Interconnection  (OSI)  standards. 

Kevin  L.  Mills  was  elected  as  a senior  member  in  the  Institute  of  Electrical  and 
Electronics  Engineers  (IEEE). 

Robert  Rountree  received  an  Extended  Superior  Service  Award  in  1993  from 
the  International  Organization  for  Standardization/lntemational  Electrotechnical 
Committee  (ISO/lEC)  Joint  Technical  Committee  1 on  Information  Technology. 

Robert  Rosentbal  was  awarded  the  1992  Award  for  Technical  Excellence  by 
the  Interagency  Committee  on  Information  Resources  Management  for  leader- 
ship in  the  field  of  local  area  networks  and  computer  security. 
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Mark  Skall  received  the  1993  X3  Committee  Management  Award  for  his  leader- 
ship as  the  former  Vice  Chair  of  X3H3,  Computer  Graphics,  and  the  Document 
Editor  and  Rapporteur  within  JTC1/SC24/WG5,  Validation  and  Registration, 
from  the  International  Organization  for  Standardization/ International  Electro- 
technical Committee  (ISO/IEC)  Joint  Technical  Committee  1 on  Information 
Technology. 

Mark  Skall  was  appointed  as  the  government  representative  to  the  National 
Computer  Graphics  Association  Board  of  Directors  for  a three-year  term  begin- 
ning in  January  1993. 

Miles  E.  Smid  received  a 1993  Federal  100  Award  given  by  Federal  Computer 
Week  and  FOSE  ’93  for  exceptional  technical  competence  and  leadership  in  de- 
veloping solutions  for  protecting  information  systems  in  the  federal  government. 

Dennis  D.  Steinauer  was  elected  chairman  of  the  Forum  of  Incident  Response 
and  Security  Teams  (FIRST)  for  a one-year  term  beginning  August  1992. 

Eugene  F.  Troy  received  a 1993  Federal  100  Award  given  by  Federal  Computer 
Week  and  FOSE  ’93  for  key  contributions  in  the  NIST/NSA  Joint  venture  to 
document  computer  security  requirements  for  the  federal  government. 

Kamic  Roberts  received  a 1993  Award  for  Management /Administrative  Excel- 
lence from  the  Interagency  Committee  on  Information  Resources  Management 
(lAC/IRM)  for  technical  leadership  of  the  Transcontinental  Integrated  Services 
Digital  Network  (ISDN)  Project  (TRIP  ’92). 

Gordon  Lyon  was  appointed  Chairman  of  the  NIST  Research  Advisory 
Committee  for  1991. 

Leonard  J.  Gallagher  received  the  1993  X3  Committee  Management  Award  for 
his  national  and  international  work  on  standards  for  Database  Language  SQL 
from  the  International  Organization  for  Standardization/Intemational  Electro- 
technical Committee  (ISO/IEC)  Joint  Technical  Committee  1 on  Information 
Technology. 

Judith  Newton,  accepting  for  NIST,  received  the  1992  Data  Administration 
Management  Association  (DAMA)  International  Company  Achievement  Award 
for  an  outstanding  contribution  to  the  direction  of  the  information  resource 
industry. 

Henry  Tom  was  appointed,  for  a two-year  term  through  1993,  as  a deputy 
member  to  the  U.S.  Board  of  Geographic  Names.  He  also  served  as  the  govern- 
ment representative  on  the  Board  of  Directors  of  the  National  Computer  Graphics 
Association  through  December  1992. 
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CSL  staff  members  participate  in  more  than  85  national  and  international 
voluntary  standards  activities,  including  the  following: 

American  National  Standards  Institute  (ANSI): 

Information  Systems  Standards  Board  (ISSB) 

Information  Technology  Consultative  Committee  (ITCC) 

USA  Registration  Authority  Committee 

Accredited  Standards  Committee  (ASC): 

Tl.  Telecommunications 

X3,  Information  Processing  Systems 

X9,  Financial  Services 

XI 2,  Electronic  Data  Interchange  (EDI) 

IT9,  Physical  Properties  and  Permanence  of  Imaging  Media 

Institute  of  Electrical  and  Electronics  Engineers  (IEEE): 

IEEE  Standards  Board  and  Committees 
IEEE  Groups  for: 

Lx)cal  Area  Networks 

Portable  Operating  System  Interface  (POSIX) 

Graphical  User  Interface 
Software  Engineering 
U.S.  TAG  for  JTC  1 SC  7 
U.S.  TAG  for  JTC  1 SC  22  WG  15 

International  Organization  for  Standardization  (ISO)/ 

International  Electrotechnical  Commission  (lEC) 

Joint  Technical  Committee  1 (JTC  1)  on  Information  Technology 

U.S.  Technical  Advisory  Group  (TAG)  for  ISO/IEC  JTC  1 (JTC  1 TAG) 

International  Telecommunication  Union  - Telecommimication 
Standardization  Sector  (ITU-T)  Study  Groups  for: 

Switching  and  Signaling 

U.S.  National  Committee  for  ITU-TS: 

Study  Group  B 
Study  Group  D 
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International  Organization  for  Standardization  (ISO) 

Technical  Committees  for: 

Industrial  Automation 

Micrographics  and  Optical  Memories  for  Document  and  Image 
Recording,  Storage  and  Use 
ASC  X3  Subgroups  for: 

Audio /Picture  Coding 
Computer  Graphics 
Credit/Identification  Cards 
Database 

Data  Communications 
Data  Interchange 
Data  Representation 
Digital  Magnetic  Tape 
I/O  Interface 

Information  Resource  Dictionary  System 
Information  Technology  Security  Techniques 
Open  Systems  Interconnection 
Operational  Management  Committee  (OMC) 

Optical  Digital  Data  Disks 

Policy  and  Procedures  Committee  (PPC) 

Text:  Office  and  Publishing  Systems 
U.S.  TAG  for  JTC  1 SC  21 
U.S.  TAG  for  JTC  1 SC  22 

ASC  X9  Subgroups  for: 

Data  and  Information  Security 
Public-Key  Cryptography  for  Financial  Institutions 
Security  for  Financial  Systems 
Wholesale  Banking 

ASC  X12  Subgroup  for: 

Security 

ASC  T1  Technical  Subcommittee  for: 

Services,  Architecture  and  Signaling 

JTC  1 TAG  Subgroups  for: 

Functional  Standards 
Procedures 
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ISO/IEC  JTC  1 Subcommittees  or  Groups  for: 

Computer  Graphics 
Data  Element  Principles 

Document  Processing  and  Related  Communication 
Flexible  Magnetic  Media  for  Digital  Data  Interchange 
Functional  Standardization 
Information  Technology  Security  Techniques 
Interconnection  of  Information  Technology  Equipment 
Programming  Languages 

Open  Systems  Interconnection,  Data  Management,  and  Open  Distributed 
Processing 

Optical  Disk  Cartridges  for  Information  Interchange 

POSIX 

Procedures 

Software  Engineering 

Telecommunications  and  Information  Exchange  Between  Systems 

European  Computer  Manufacturers  Association  (ECMA)  Technical 
Committees  or  Task  Groups  for: 

PCTE  (Portable  Common  Tool  Environment)  TC33 /TGEP 
Reference  Model  for  Software  Environments  TC33/TGRM 
TC-36/TG1  Security  Evaluation  Criteria 

European  Workshop  on  Open  Systems  (EWOS) 

Expert  Group  on  Open  System  Environment  (OSE) 

Association  for  Information  and  Image  Management  (AIIM) 

Canadian  Committee  on  Geomatics 
Corporation  for  Open  Systems  (COS) 

Data  Administration  Management  Association  Standards  and  Procedures 
Subgroup 

Federal  Interagency  Coordinating  Committee  on  Digital  Cartography 

Federal  Open  Systems  Users  Council 

Federal  Telecommimication  Standards  Committee 

International  Association  for  Identification 

Internet  Engineering  Task  Force  (IETF) 

National  Association  of  State  Information  Resource  Executives  (NASIRE) 
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National  Information  Standards  Organization  (NISO) 


NIST  Open  System  Environment  Implementors’  Workshop  (OIW) 

North  American  ISDN  Users’  Forum  (NIUF) 

North  American  Open  Systems  Testing  & Certification  Policy  Coimcil 
Open  Management  Roadmap 
U.S.  Board  on  Geographic  Names 
X/Open  Users  Council 

CSL  staff  members  hold  the  following  leadership  positions  in  the  above  activities: 


X3  and  X3  Subgroups 

Leonard  Gallagher,  Inti.  Rep. 
Susan  Sherrick,  Inti.  Rep. 
Bruce  Rosen,  Inti.  Rep. 

Henry  Tom,  Chair 

Roger  Sies,  Chair 

X3H2,  Database 

X3H3. 7,  Validation-Testing-Registration 

X3H4,  IRDS 

X3L1,  Spatial  Data  Transfer 

X3V1 . 1 , User  Requirements 

JTC  1 TAG  Activities 

Robert  Rountree,  Chair 

JTC  1 TAG,  U.S.  Technical  Advisory  Group  for 
ISO/IEC  JTCl 

JTC  1 Subcommittees 

Dale  Walters,  Project  Editor 
Dale  Walters,  Project  Editor 

JTC  1/SC  6/WG  4 Transport  Layer  Security 
JTC  1 /SC  6/WG  8 Upper  Layer  Security 

Lawrence  Welsch,  Proj.  Editor  JTC  1/SC  18/WG  1 MHMF 
Anastase  Nakassis,  Proj.  Ed.  JTC  1/SC  21/WG  1 Confidentiality  and 

Integrity  Frameworks 

David  Jefferson,  Rapporteur  JTC  1/SC  21/WG  3 Rapporteur  Group  on 

Reference  Model  of  Data  Management 
Leonard  Gallagher,  Rapporteur  JTC  1/SC  21/WG  3 Rapporteur  Group  on 

Database  Languages 

C.  Michael  Chemick,  Proj.  Ed.  JTC  1/SC  21/WG  4 Performance  Management 


Roger  Martin,  Rapporteur 

Fritz  Schulz,  Project  Editor 
Eugene  Troy,  Project  Editor 

JTC  1/SC  22/WG  15  Rapporteur  Group  on 
Conformance  Testing 

JTC  1 SGFS,  TR 10003. 3 

JTC  1 27.16.1  General  Model  for  Security 
Evaluations 
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IEEE  Standards  Activities 

Fritz  Schulz,  Editor 
Anthony  Clncotta,  Editor 
Roger  Martin,  Chair 
Anthony  Cincotta,  Editor 
John  Barkley,  Editor 
Rick  Kuhn,  Secretary 
Rick  Kuhn,  Secretary 
Steve  Tms,  Chair 
Anthony  Cincotta,  Editor 
Mike  Rubinfeld,  Chair 
Roger  Martin,  Chair 

Lawrence  Welsch,  Sponsor 
Chair 

Others: 

James  Burrows,  Chair 
Mike  Hogan,  Vice  Chair 
Tom  Bagg,  Vice  Chair 
Dana  Grubb,  Chair 

Fran  Nielsen,  Secretary 
Mike  Rubinfeld,  Chair 
Dan  Stokesberry,  Chair 
Ted  Landberg,  Chair 


PI 003.0,  POSIX  Guide 
PI 003. 3,  POSIX  Test  Methods 
PI 003. 3.1,  POSIX.  1 Test  Methods 
PI 003. 3.1,  POSIX.  1 Test  Methods 
P1003.8,  Transparent  File  Access 
PI 201,  Window  & Graph.  Interfaces 
PI 20 1.2,  Driveability 
PI 224,  X=400  API 
P2003,  POSIX  Test  Methods  (rev.) 

CDARCH,  CD-ROM  Architecture 
PASC  Steering  Cmte  on  Conform  Tests,  Portable 
Applications  Standards  Committee 
SCODMMP,  Optical  Disc  and  Multimedia  Platforms 


Federal  Open  Systems  Users  Council 
ANSI  Information  Systems  Standards  Board 
Image  Technology  9 Committee 

Workshop  on  the  Electronic  Exchange  of  Fingerprint 
Images 

Open  Management  Roadmap,  User  Advisory  Council 

SIGCAT,  SIG  Standards 

NIUF 

OIW 
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COLLABORATION  WITH  GOVERNMENT, 
INDUSTRY,  AND  ACADEMIA 

In  FY  1993,  CSL  collaborated  with  many  agencies  and  organizations  in  govern- 
ment, industry,  and  academia,  some  of  which  supported  CSL  research  through 
funding  or  the  loan  of  equipment  or  software. 

Federal  Agencies 

Department  of  Defense 

Advanced  Research  Projects  Agency 

Air  Force,  Kelly  Air  Force  Base 

Air  Force,  Wright  Patterson  Air  Force  Base 

Army  Corps  of  Engineers 

Army,  Ft.  Belvoir,  Virginia 

Army,  Ft.  Huachuca,  Arizona 

Army  Personnel  Information  Systems  Command 

Army  Research  Office 

Computer-aided  Acquisition  and  Logistics  Support  (CALS) 

Defense  Information  Systems  Agency 
Department  of  the  Air  Force 
Department  of  the  Army 
Department  of  the  Navy 
Joint  Interoperability  Test  Center 
National  Security  Agency 
Naval  Research  Laboratory 
Navy  Next  Generation  Computer  Resources 
Office  of  the  Secretary  of  Defense 
Department  of  Agriculture 

Department  of  Commerce  (DoC),  Bureau  of  the  Census 

DoC  National  Telecommunications  and  Information  Administration 

DoC  National  Oceanic  and  Atmospheric  Administration 

DoC  Office  of  Financial  Management 

DoC  Patent  and  Trademark  Office 

Department  of  Education 

Department  of  Energy,  Lawrence  Livermore  National  Laboratory 

Department  of  Energy,  Oak  Ridge  National  Laboratoiy 

Department  of  Health  and  Human  Services 

Department  of  Interior,  U.S.  Geological  Survey 

Department  of  Justice,  Federal  Bureau  of  Investigation 

Department  of  State 

Department  of  the  Treasury 

Department  of  the  Treasury,  Internal  Revenue  Service 

Department  of  Veterans  Affairs 

Environmental  Protection  Agency 

General  Services  Administration 

National  Aeronautics  and  Space  Administration 
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Federal  Agencies  (continued) 


National  Science  Foundation 
Nuclear  Regulatory  Commission 
U.S.  Postal  Service 

Industry 

Ameritech  Services 
Apple  Computer  Company 
AT&T  Bell  Laboratories 
AT&T  Network  Services 
BBN 

Bell  Atlantic 
Bellcore 

Bell  Northern  INKS,  Montreal,  Canada 

Boeing 

Cellular  One 

CLC  Associates 

3COM 

Computer  Sciences  Corporation 
Combinet 

COMSAT  Corporation 
Cormective  Strategies,  Inc. 

CTA,  Inc. 

DGM&S 

Digital  Equipment  Corporation 

Dragon  Systems 

Eastman  Kodak  Company 

Fujitsu  Networks  Industry 

Gandalf 

GTE 

Harris  Corporation 

Hercules 

Honeywell 

Hughes  Aircraft  Company 
IBM  Corporation 

Idacom  Hewlett-Packard,  Canada 
Informix 

InterDigital  Corporation 

InterNex 

Intel  Corporation 

Intelsat 

ITT 
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Industry  (continued) 


McCaw  Cellular  Communications 
MCI 

MITRE  Corporation 

Motorola 

NCR 

NEC  America 
Network  Express 
Nortel  Federal  Systems 
Northern  Telecom,  Inc. 

NYNEX 

Oracle 

Paramax 

Philips  (Germany) 

PictureTel 

Ram  Mobile  Data 

Sanders-Lockheed 

Sheldahl 

Silicon  Graphics 

Sprint  International 

SRI  International 

Sun  Microsystems 

Tekelec 

Teleos  Communications,  Inc. 

Texas  Instruments 
Xyplex,  Inc. 

Academia 

Boston  University 
Cambridge  University,  U.K. 

Camegie-Mellon  University 

Camegie-Mellon  University,  Software  Engineering  Institute 

Centre  de  Recherche  Informatique  de  Montreal  (CRIM),  University  of  Montreal 

George  Mason  University 

Massachusetts  Institute  of  Technology 

University  of  Leeds,  U.K. 

University  of  Maryland 

University  of  Pennsylvania,  Linguistic  Data  Consortium 

Other 

Canadian  Government 

Centre  National  de  la  Recherche  Scientifique  (CNRS),  Paris  (French  Government) 
Laboratoire  d’Informatique  pour  la  Mecanique  et  les  Sciences  de  L’Ingenieur 
(LIMSI),  Paris  (French  Government) 
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COOPERATIVE  RESEARCH  & 
DEVELOPMENT  AGREEMENTS  (CRDAs) 


FY  1993 

RESEARCH  PARTNER  PROJECT 


Integrated  Services  Digital  Network  (ISDN) 

American  Computer  & Electronics  North  American  ISDN 

Corporation  Users’  Forum  (NIUF) 


Ameritech  Services  NIUF 

Ascom  Timeplex  NIUF 

AT&T  NIUF 

Baxter  Healthcare  Corporation  NIUF 

Bell  Atlantic  NIUF 

Bell  Communications  Research  NIUF 

Boeing  Computer  Support  Services,  Inc.  NIUF 

Defense  Information  Systems  Agency  NIUF 

Department  of  Defense  NIUF 

Department  of  the  Navy  NIUF 

Eastman  Kodak  Company  NIUF 

Electronic  Data  Systems  Corporation  NIUF 

First  Chicago  Corporation  NIUF 

Fujitsu  Netw^orks  Industry,  Inc.  NIUF 

General  DataComm,  Inc.  NIUF 

Gtech  Corporation  NIUF 

Hayes  Microcomputer  Products,  Inc.  NIUF 

IBM  Corporation  NIUF 

InteCom,  Inc.  NIUF 

Mitel  Corporation  NIUF 

National  Aeronautics  and  Space 
Administration  (NASA)  NIUF 

National  Information  Technology  Center  NIUF 

Network  Communications  Corporation  NIUF 

North  Carolina  State  University  NIUF 

Northern  Telecom,  Inc.  NIUF 

NYNEX  - Telesector  Resources  Group  NIUF 
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RESEARCH  PARTNER 

PROJECT 

Siemens  Stromberg- Carlson 

Southwestern  Bell  Telephone  Company 

TASC  (The  Analytical  Sciences  Corp.) 
Telebyte  Technology,  Inc 

Teleos  Communications,  Inc. 

University  of  Michigan 

U.S.  Air  Force,  Technology 

Integration  Center 

U S WEST 

West  Virginia  University 

COMSAT  Corporation 

NIUE 

NIUE 

NIUE 

NIUE 

NIUE 

NIUE 

NIUE 

NIUE 

NIUE 

Test  and  Demonstrate  ISDN 

Protocols  and  Services 

Datacom,  Inc. 

Tekelec,  Inc. 

EDI  and  ISDN 

ISDN  and  X-25  Conformance 

Test 

Network  Interoperability 

Extension  Technology  Group 

Development  of  Interoperability 
of  LAN-ISDN  Bridges /Routers 

Jersey  City  State  College 

Development  of  Interoperability 
of  LAN-ISDN  Bridges /Routers 

Network  Express 

Development  of  Interoperability 

Software  Standards  Validation 

Washington  Software  Technologies,  Inc. 

Basic  Test  Suite 

Speech  Recognition  Research 

Linguistic  Data  Consortium 

Corpora  to  Support  Human 
Language  Technology  Research 
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40 


GUEST  RESEARCHERS 

FY1993 


Guest  Scientists  and  Research  Associates 

Organizations  represented  include: 

Armament  Development  Authority,  Rafael,  Israel 
Bellcore,  Livingston,  New  Jersey 

Defense  Information  Systems  Agency,  Arlington,  Virginia 
Ecole  Normale  Superieure,  France 
George  Washington  University,  Washington,  D.C. 

Imperial  College  of  Science  and  Technology,  United  Kingdom 
Institute  of  Geology,  Beijing,  People’s  Republic  of  China 
Institut  d’Informatique  d’Enterprise,  France 
Institut  National  Des  Telecommunications,  France 
Ministry  of  Communications,  Taiwan 
National  Science  Foundation,  Washington,  D.C. 

Northeast  University  of  Technology,  People’s  Republic  of  China 
Quality  One  Softworks  Corporation,  Annandale,  Virginia 
Space  Science  and  Technology  Center,  People’s  Republic  of  China 
Syracuse  University,  Syracuse,  New  York 
Telecommunications  Laboratory,  Taiwan 
Telecom,  Paris,  France 

University  of  Maryland,  Baltimore,  Maryland 
University  of  Twente,  The  Netherlands 

Washington  Software  Technologies  Inc.,  Annandale,  Virginia 


Faculty  Appointments  10 

Iowa  State  University 

University  of  the  District  of  Columbia 

University  of  Maryland 

University  of  Pittsburgh 
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T 


PATENTS 

FY1993 


Approved 

1.  Object/Anti-Object  Neural  Network  Segmentation,  Charles  Wilson,  Michael 
Garris,  and  R.  Wilkinson,  issued  September  14,  1993 

Pending 

1.  (CURL)  Correlated  Run  Length  Algorithm  for  Detecting  Form  Structure 
Within  Digitized  Documents,  Michael  Garris 

2.  Synthetic  Perturbation  Tuning  of  Computer  Programs,  Gordon  Lyon 

3.  Multiple  Memory  Self-Organizing  Pattern  Recognition  Network,  Charles  Wilson 

4.  Automated  Recognition  of  Characters  Using  Optical  Filtering  with  Positive 
and  Negative  Functions  Encoding  Pattern  and  Relevance  Information, 
Charles  Wilson 

5.  Automated  Recognition  of  Characters  Using  Optical  Filtering  with  Maximum 
Uncertainty  - Minimum  Variance  (MUMV)  Functions,  Charles  Wilson  and 
James  Blue 

6.  Object/Anti-Object  Neural  Network  Segmentation,  Charles  Wilson  and 
O.  Omidvar 
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NIST  SPEC.  PUB. 

500-183 

500-184 

500-185 

500-186 

500-187 

500-188 

500-189 

500-190 


NIST  PUBLICATIONS 

NIST  COMPUTER  SYSTEMS 
TECHNOLOGY  SERIES 
FY  1991  - FT  1993 

TITLE 

Stable  Implementation  Agreements  for  Open  System  Interconnection  Protocols, 

Version  4,  Edition  1 , December  1 990 

Tim  Boland,  Workshop  Chairman 

December  1990  PB92- 126408  $35.00 

Functional  Benchmarks  for  Fourth  Generation  Languages 

By  Martha  M.  Gray  and  Gary  E.  Fisher 

March  1991  SN003-003-03071-6  $3.25 

Guide  to  Design,  Implementation  and  Management  of  Distributed  Databases 
By  Elizabeth  N.  Fong,  Charles  L.  Sheppard,  and  Kathryn  A.  Harvill 
February  1991  SN003-003-03076-7  $3.50 

Issues  in  Transparent  File  Access 
By  Karen  Olsen  and  John  Barkley 

April  1991  PB9 1-187831  $19.00 

Application  Portability  Profile  (APP)  The  U.S.  Government’s  Open  System 

Environment  Profile  OSE/ 1 Version  1.0 

April  1991  PB91-201004  $19.00 

Guide  to  Expert  System  Building  Tools  for  Microcomputers 
By  Christopher  E.  Dabrowski  and  Elizabeth  N.  Fong 
July  1991  SN003-003-03088-1  $8.50 

Security  in  ISDN 
By  William  E.  Burr 

September  1991  SN003-003-031 12-7  $4.25 

Proceedings  of  the  Workshop  on  High  Integrity  Software:  Gaithersburg,  MD; 
Jan.  22-23,  1991 

By  Dolores  R.  Weillace,  D.  Richard  Kuhn,  and  John  C.  Chemiavsky 
August  1991  SN003-003-03 108-9  $5.50 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 
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NIST  SPEC. PUB. 
500-191 

500-192 

500-193 

500-194 

500-195 

500-196 

500-197 

500-198 

500-199 


TITLE 

Test  Methods  for  Optical  Disk  Media  Characteristics  for  356  mm  Ruggedized 
Magneto-optic  Media) 

By  Fernando  Podio 

September  1991  PB92-116409  $19.00 

Government  Open  Systems  Interconnection  Profile  Users’  Guide,  Version  2 
By  Tim  Boland 

October  1991  SN003-003-031 19-4  $9.50 

Software  Reengineering:  A Case  Study  and  Lessons  Learned 

By  Mary  K.  Ruhl  and  Mary  T.  Gunn 

September  1991  SN003-003-03 100-3  $2.25 

ISDN  Conformance  Testing,  Layer  1 — Physical  Layer,  Port  1 — Basic  Rate  S/T 
Interface,  User  Side 

Shukri  A.  Wakid  and  Kathleen  M.  Roberts,  Editors 
September  1991  PB92-102201  $19.00 

North  American  ISDN  Users’  Forum  Agreements  on  Integrated  Services  Digital 
Network 

Shukri  A.  Wakid  and  Kathleen  M.  Roberts,  Editors 
September  1991  PB92-102219  $26.00 

Guidelines  for  the  Evaluation  of  File  Transfer,  Access  and  Management 
Implementations 

By  Paul  Markovitz,  Steven  A.  Trus,  and  Curtis  Royster 

October  1991  SN003-003-03 120-8  $5.50 

Guide  to  Schema  and  Schema  Extensibility 
By  Bruce  K.  Rosen  and  Isabella  des  Fontaines 
November  1991  SN003-003-03 126-7  $2.25 

Monitoring  and  Reporting  Techniques  for  Error  Rate  and  Error  Distribution  in 
Optical  Disk  Systems 
By  Fernando  L.  Podio 

October  1991  SN003-003-03 125-9  $5.00 

The  3480  Type  Tape  Cartridge:  Potential  Data  Storage  Risks,  and  Care  and 
Handling  Procedures  to  Minimize  Risks 
By  Mark  Williamson 

November  1991  SN003-003-03 127-5  $3.50 

December  1991  SN003-003-03 135-6  $5.50 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 
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NIST  SPEC. PUB. 

TITLE 

500-200 

Development  of  a Testing  Methodology  to  Predict  Optical  Disk  Life  Expectancy 
Values 

By  Fernando  L.  Podio 

December  1991  SN003-003-03 134-8  $5.00 

500-201 

Reference  Model  for  Frameworks  of  Software  Engineering  Environments 
Prepared  Jointly  by  NIST  and  the  European  Computer  Manufacturers 
Association  (ECMA) 

December  1991  SN003-003-03 135-6  $5.50 

500-202 

Stable  Implementation  Agreements  for  Open  Systems  Interconnection  Protocols, 
Version  5,  Edition  1,  December  1991 

December  1991  SN903-0 15-00000-4  $59.00  subscription 

500-203 

Conformance  Test  Specifications  for  COBOL  Intrinsic  Function  Module 

By  Carmelo  Montanez-Rivera  and  L.  Arnold  Johnson 

July  1992  SN003-003-03 172-1  $6.50 

500-204 

High  Integrity  Software  Standards  and  Guidelines 

By  Dolores  R.  Wallace,  Laura  M.  Ippolito,  and  D.  Richard  Kuhn 

September  1992  SN003-003-03 171-2  $6.50 

500-205 

Guidelines  for  the  Evaluation  of  Virtual  Terminal  Implementations 

By  Carol  A.  Edgar 

November  1992  SN003-003-03 189-5  $3.75 

500-206 

Stable  Implementation  Agreements  for  Open  Systems  Interconnection  Protocols, 
Version  6,  Edition  I , December  1 992 

Tim  Boland,  Workshop  Chairman:  Brenda  Gray,  Workshop  Editor 

December  1992  SN903-0 15-000 13-6  $109.00  domestic 

Available  by  subscription.  $136.25  foreign 

500-207 

TTie  First  Text  Retrieval  Conference  (TREC-I) 

By  Donna  K.  Harman 

November  1992  SN003-003-03207-7  $29.00 

500-208 

Manual  for  Data  Administration 

Judith  J.  Newton  and  Daniel  C.  Wahl,  Editors 

March  1993  PB93- 182053  $27.00 

500-209 

Software  Error  Analysis 

By  Wendy  W.  Peng  and  Dolores  R.  Wallace 

March  1993  SN003-003-03212-3  $7.00 

SN  numbers  - stocked  by  GPO 

PB  numbers  - stocked  by  NTIS 
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NIST  SPEC. PUB.  TITLE 


500-210  Application  Portability  Profile,  The  U.S.  Government’s  Open  System  Environment 
Profile  OSE/ 1 Version  2.0 

June  1993  SN003-003-03222-1  $6.50 

500-2 1 1 Reference  Model  for  Frameworks  of  Software  Engineering  Environments 
Prepared  jointly  by  NIST  and  the  European  Computer  Manufaeturers 
Association  (ECMA) 

August  1993  SN003-003-03227-1  $7.50 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 


NIST  COMPUTER  SECURITY  SERIES 
FY  1991  - FY  1993 

NIST  SPEC. PUB.  TITLE 


800”  1 Computer  Security  in  the  1 980s:  Selected  Bibliography 
Rein  Turn,  Compiler,  and  Lawrence  E.  Bassham,  Editor 
December  1990  SN003”003”03060-1  $11.00 

800-2  Public-Key  Cryptography 
By  James  Nechvatal 

April  1991  SN003-003-03078-3  $9.00 

800-3  Establishing  a Computer  Security  Incident  Response  Capability  (CSIRC) 

By  John  P.  Wack 

November  1991  SN003-003-03121-6  $3.00 

800-4  Computer  Security  Considerations  in  Federal  Procurements:  A Guide  for 

Procurement  Initiators,  Contracting  Officers,  and  Computer  Security  Officials 
By  Barbara  Guttman 

March  1992  SN003-003-03 147-6  $6.00 

800-5  A Guide  to  the  Selection  of  Anti-Virus  Tools  and  Techniques 
By  W.  Timothy  Polk  and  Lawrence  E.  Bassham 
December  1992  SN003-003-03 188-7  $3.75 

800-6  Automated.  Tools  for  Testing  Computer  System  Vulnerability 
By  W.  Timothy  Polk 

December  1992  SN003-003-03 187-9  $3.25 

800-8  Security  Issues  in  the  Database  Language  SQL 
By  W.  Timothy  Polk  and  Lawrence  E.  Bassham 
August  1993  SN003-003-03225-5  $3.25 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 
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NIST  INTEGRATED  SERVICES  DIGITAL 
NETWORK  TECHNOLOGY  SERIES 
FY  1992  - FY  1993 

NIST  SPEC. PUB.  TITLE 


823- 1 Overview  of  Integrated  Services  Digital  Network  Conformance  Testing 
By  Leslie  A.  Collica,  Kathleen  M.  Roberts,  and  David  Su 
March  1992  SN003-003-03 142-9  $1.75 

823-2  Integrated  Services  Digital  Network  Conformance  Testing,  Layer  1 — Physical 
Layer,  Part  2 — Basic  Rate  U Interface,  User  Side 
Daniel  P.  Stokesberry  and  Kathleen  M.  Roberts,  Editors 
March  1992  SN003-003-03 143-7  $5.00 

823-3  North  American  Integrated  Services  Digital  Network  Users'  Forum  Agreements  on  ISDN 
Daniel  P.  Stokesbeny,  Kathleen  M.  Roberts,  and  Tish  Antonishek,  Editors 
January  1993  SN003-003-03 197-6  $14.00 

823-4  Integrated  Services  Digital  Network  Conformance  Testing,  Layer  2 — Data  Link 
Layer  (LAPD),  Part  1 — Basic  Rate  Interface,  User  Side 
Daniel  P.  Stokesberry,  Leslie  Collica,  and  Kathleen  M.  Roberts,  Editors 
September  1993  SN003-003-03221-2  $49.00 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 


CSL  BULLETINS 
Pr  1990  • FY  1993 

Wack,  J;  Kurzban,  S.;  Computer  Virus  Attacks.  August  1990. 

Roback,  E.;  Computer  Security  Roles  of  NIST  and  NSA.  February  1991. 
Radack,  S.;  The  GOSIP  Testing  Program.  May  1991. 

Saltman,  R.;  Security  Issues  in  the  Use  of  Electronic  Data  Interchange. 

June  1991. 

Boland,  T.;  File  Transfer,  Access  and  Management.  July  1991. 

Lennon,  E.;  The  NIST  POSIX  Testing  Program.  October  1991. 

Dray,  J.;  Advanced  Authentication  Technology.  November  1991. 

Wack,  J.;  Establishing  a Computer  Security  Incident  Response  Capability. 

February  1992. 

Branstad,  D.;  An  Introduction  to  Secmre  Telephone  Terminals.  March  1992. 

Mills,  K.;  Radack,  S.;  TCP/IP  or  OSI?  Choosing  a Strategy  for  Open  Systems. 

June  1992. 

Roback,  E.;  Disposition  of  Sensitive  Automated  Information.  October  1992. 
Roback,  E.;  Sensitivity  of  Information.  November  1992. 

Radack,  S.;  Using  Information  Technology  Standards  in  Federal  Acquisitions. 

December  1992. 

Dodson,  D.;  Roback,  E.;  Digital  Signature  Standard.  Januaiy  1993. 

Radack,  S.;  Guidance  on  the  Legality  of  Keystroke  Monitoring.  March  1993. 
Skall,  M.;  Rosenthal,  L.;  NIST  Computer  Graphics  Program.  April  1993. 
Roback,  E.;  Guttman,  B.;  Security  Issues  in  Public  Access  Systems.  May  1993. 
Wack,  J.;  Connecting  to  the  Internet:  Security  Considerations.  July  1993. 
Guttman,  B.;  Roback,  E.;  Security  Program  Management.  August  1993. 

Roback,  E.;  Guttman,  B.;  People:  An  Important  Asset  in  Computer  Security. 

October  1993. 
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PUB.  NUMBER 
NISTIR  4418 

NISTIR  4432 

NISTIR  4435 

NISTIR  4448 

NISTIR  4451 

NISTIR  4452 

NISTIR  4453 

NISTIR  4484 

NISTIR  4488 


OTHER  NIST  PUBLICATIONS 
FY  1991  - FY  1993 

TITLE 

State  Occupancy  Information  for  Performance  Comparisons 
By  Gordon  Lyon 

October  1990  PB91-112879  $15.00 

Status  of  PDES-Related  Activities  (Standards  & Testing) 

By  Cita  Furlani,  Joan  Wellington,  and  Sharon  Kemmerer 
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Computer  Graphics  Metafile  (CGM)  Test  Requirements  Document  (Update) 

By  Lynne  S.  Rosenthal 

April  1993  PB93- 198273  $19.50 

Comparison  of  Handprinted  Digit  Classifiers 
By  Patrick  J.  Grother  and  Gerald  T.  Candela 
June  1993  PB94-118213  $17.50 

Introduction  to  Traffic  Management  for  Broadband  ISDN 
By  Y.D.  Chang,  D.H.  Su,  and  S.A.  Wakid 
December  1993 

Validated  Products  List  1 993  No.  3 
(supersedes  NISTIR  5167) 

Judy  B.  Kailey,  Editor 

July  1993  PB93-937303  $27.00 

Report  of  the  NSF/NIST  Workshop  on  NSFNET/NREN  Security 
By  Arthur  E.  Oldehoeft 

May  1993  PB93-228682  $19.50 

Operating  Principles  of  the  VME  MultiKron  Interface  Board 
By  Alan  Mink,  John  W.  Roberts,  and  John  K.  Antonishek 
August  1993  PB93-234730  $17.50 

Report  of  the  NIST  Workshop  on  Digital  Signature  Certificate  Management, 
December  lO-II,  1 992 
Dennis  K.  Branstad,  Editor 
August  1993  PB94- 135001 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 
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PUB.  NUMBER 


TITLE 


NISTIR  5238 

NISTIR  5243 

NISTIR  5247 

NISTIR  5249 

NISTIR  5258 

NIST/GCR  93-635 

NISTIR  5274 

NISTIR  5287 


User’s  Guide  for  the  Programmer’s  Hierarchical  Interactive  Graphics  System 
(PHIGS)  C Binding  Validation  Tests  (Version  2) 

By  Kevin  Brady  and  John  Cugini 

August  1993  PB93-228617  $17.50 

Towards  Flexible  Distributed  Information  Retrieval 

By  David  W.  Flater  and  Yelena  Yesha 

August  1993  PB94- 102258  $17.50 

Workshop  on  Security  Procedures  for  the  Interchange  of  Electronic  Documents: 
Selected  Papers  and  Results 
Roy  Saltman,  Editor 

August  1993  PB94-101854  $27.00 

NIST  Scoring  Package  Cross-Reference  for  Use  with  NIST  Internal  Reports  4950 
and  5129 

By  Miehael  D.  Garris 

August  1993  PB94- 103702  $17.50 

Towards  SQL  Database  Language  Extensions  for  Geographic  Information 
Systems 

Vincent  B.  Robinson  and  Henry  Tom,  Editors 
August  1993  PB94- 101847  $27.00 

Private  Branch  Exchange  (PBX)  Security  Guideline 
September  1993  PB94- 100880  $19.50 

Validated  Products  List  1993  No.  4 
(supersedes  NISTIR  5220) 

Judy  B.  Kailey,  Editor 

October  1993  PB93-937304  $27.00 

1978  Fortran  Compiler  Validation  System  User’s  Guide,  Version  2.1 

Software  Systems  Validation  Group 

August  1993  PB94-1 18460  $27.00 


SN  numbers  - stocked  by  GPO 
PB  numbers  - stocked  by  NTIS 
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PAPERS 

October  1992  Through  December  1993 

Bassham  III,  Lawrence  E.;  Polk,  W.  Timothy;  Precise  Identification  of 
Computer  Viruses.  Proceedings  of  the  15th  National  Computer  Security 
Conference.  October  13-16,  1992. 

Patent:  Tian  J.;  Zelkowltz,  Marvin;  An  Improved  Classification  Tree  Analysis 
of  High  Cost  Modules  Based  Upon  an  Axiomatic  Definition  of  Complexity. 

IEEE  3rd  International  Symposium  on  Software  Reliability  Engineering, 
Research  Triangle  Park,  NC.  October  1992. 

Moline,  Judi;  Towards  Open  Multimedia  Systems  for  Museum  Objects  and 
Their  Documentation.  Spectra  1992. 

Boland,  Frederick  T.;  Working  Implementation  Agreements  for  Open 
Systems  Environment  Implementors’  \^orkshop.  Output  from  December 
1992  Workshop. 

Bassham  III,  Lawrence  E.;  Polk,  W.  Timothy:  A Proposal  for  the  Precise  Iden- 
tification of  Computer  Viruses.  Proceedings  at  the  Third  Conference  of  the 
European  Institute  of  Computer  Anti-Virus  Researchers.  December  1992. 

Geist,  Jon;  Wilkinson,  R.  Allen;  OCR  Error  Versus  Rejection  Rate  for 
Isolated  Handprint.  IS&T/SPI  1993  Symposium  on  Electronic  Imaging. 
December  1992. 

Burr,  William  E.;  Brandstad,  Dennis  K.;  Security  of  the  Integrated  Service 
Digital  Network,  Handbook  of  Information  Security  Management, 

Ruthberg,  Zella  G.;  Tipton,  Harold:  Editors.  Auerback  Publications.  1993. 

Watson,  Craig  L;  NIST  Special  Database  9:  Mated  Fingerprint  Card  Pairs, 
Volumes  1-5.  February  1993. 

Landberg,  Theodore;  Stable  Implementation  Agreements  for  Open  Systems 
Environment  Implementors’  Workshop.  Output  from  March  1993  Workshop. 

Pallet!,  David  S;  Fiscus,  Jonathan;  Fisher,  Gary  E.;  Fisher,  William  M.;  and 
Garofolo,  John  S.;  Benchmark  Tests  for  the  DARPA  Spoken  Language 
Program.  Proceedings  of  Human  Language  Technology  Workshop,  Morgan 
Kaufmann  Publishers.  March  1993. 

Ferralolo,  David  F.;  Gilbert,  Dennis  M.;  Lynch,  Nickilyn;  Assessing  Federal 
and  Commercial  Information  Security  Needs.  Proceedings  of  the  16th  Inter- 
national Computer  Security  Virus  Conference  and  Exposition,  New  York  City, 
NY.  March  1993. 
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Lennon,  Elizabeth  B.;  North  American  Integrated  Services  Digital  Network 
(ISDN)  Users’  Forum  (NIUF),  October  26-30,  1992.  NIST  Journal  of 
Research.  March /April  1993. 

Linn,  Richard  J.;  Copyright  and  Information  Services  in  the  Context  of  the 
NREN.  Proceedings  of  Conference  on  Technological  Strategies  for  Protecting 
Property  in  the  Networked  Multimedia  Environment,  JFK  School  of  Government, 
Cambridge,  MA.  April  1993. 

Omidvar,  Omid;  Wilson,  Charles  L.;  Optimization  of  ART  Network  with 

Boltzmann  Machine.  Proceedings  of  SPIE  Intelligent  Information  Systems, 
Orlando,  FL.  April  1993. 

Zelkowitz,  Marvin  V.;  Use  of  an  Environment  Classification  Model.  Proceed- 
ings of  ACM/IEEE  15th  International  Conference  On  Software  Engineering, 
Baltimore,  MD.  May  1993. 

Wallace,  Dolores  R.;  Verification  and  Validation  of  Engineered  Software. 

DAMA  Symposium;  Standards  for  Reengineering,  Gaithersburg,  MD.  May 
1993. 

Wakid,  Shukri;  Stokesbeny,  Daniel;  ISDN  in  North  America;  IEEE 
Communications  Magazine.  May  1993. 

Bagg,  Thomas  C.;  The  Dilemma  - Preservation  Versus  Access.  The  Library  of 
Congress  Round  Table  on  Preservation  Research  and  Development,  Library  of 
Congress.  June  1993. 

Burrows,  James  H.;  Radack,  Shirley  M.;  Information  Technology  Standards 
in  a Changing  World:  The  Role  of  the  Users.  Workshop  on  Economic 
Dimension  of  IT  Standards;  Tokyo,  Japan. 

Rosenthal,  Robert;  Recommendations  for  Secme  Lower  Layer  Communica- 
tions Protocols  in  U.S.  Government  OSI  Networks.  MITRE  Working  Paper. 
June  1993. 

Gallagher,  Keith;  Lyle,  James  R.;  Software  Safety  and  Program  Slicing. 

Proceedings  of  COMPASS  ’93,  IEEE.  June  1993. 

Jansen,  Wa3rne  A.;  Conformance  Testing  of  Lower  Layer  Security  Protocol. 

Symposium  on  Military  Communications  Network,  The  Hague,  Netherlands. 
June  1993. 

Nazario;  Noel  A.;  Standard  Security  Labels  for  Open  Systems  Communications. 

Technical  paper  for  NATO  Symposium  on  Communications  and  Information 
System  Security.  June  1993. 
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Geist,  Jon  C.;  Wilkinson,  R.  Allen;  Half-Integral  Constiuat  Voltage  Steps  in 
High  Grain  Boundary  Junctions.  Applied  Physics  Letters. 

Radack,  Shirley  M. ; Industry/Govemment  Open  Systems  Specification: 

The  Development  of  GOSIP  Version  3.  Federation  Facts,  Federation  of 
Government  Information  Processing  Councils. 

Wilson,  Charles  L. ; A New  Self-Organizing  Neural  Network  Character  Recog- 
nition Using  Adaptive  Filtering  and  Feature  Extraction.  Progress  in  Neural 
Networks,  1993. 

Fisher,  William  M.;  Fiscus,  Jonathan  G.;  Better  Alignment  Procedures  for 
Speech  Recognition  Evaluation.  International  Conference  on  Acoustics, 

Speech  and  Signal  Processing,  IEEE.  1993. 

Wallace,  Dolores.  R.;  Lennon,  Elizabeth  B.;  COMPASS  ’93  Eighth  Annual 
Conference  on  Computer  Assurance.  NIST  Journal  of  Research. 

July /August  1993. 

Favreau,  Jean-Philippe;  ISO  9000  Tutorial,  August  1993. 

Kuhn,  Richard;  Edfors,  Patricia;  Howard,  Victoria;  Caputo,  Chuck;  Phillips, 

Ted;  Improving  Public  Switched  Network  Security  in  an  Open  Environ- 
ment. IEEE  Computer.  August  1993. 

Yesha,  Yelena;  An  Information  Retrieval  System  for  Network  Resources. 
Proceedings  of  International  Workshop  on  Next  Generation  Information 
Technologies  and  Systems.  August  1993. 

Wakid,  Shukri;  Cypher,  David;  Standardization  for  ATM  and  Related  B-ISDN 
Technologies.  ACM-Standard  View.  September  1993. 

Cavalli,  A.R.;  Favreau,  Jean- Philippe;  Phalippou,  M.;  Formal  Methods  in 
Conformance  Testing:  Results  and  Perspectives.  Proceedings  of  the  6th 
International  Workshop  on  Protocol  Test  Systems,  Pau,  France.  September  1993. 

Ferraiolo,  David  F;  Gilbert,  Dennis  M.;  Lynch,  Nickilyn;  An  Examination  of 
Federal  and  Commercial  Access  Control  Policy  Needs.  Proceedings  of  the 
16th  National  Computer  Security  Conference,  Baltimore,  MD.  September  1993. 

Jansen,  Wayne  A.;  SDNS  Security  Management,  16th  National  Computer 
Security  Conference,  Baltimore,  MD.  September  1993. 

Jansen,  Wayne  A.;  Walters,  Dale  L.;  Choosing  Among  Standards  for  Lower 
Layer  Security  Protocols.  Proceedings  of  the  16th  National  Computer 
Security  Conference,  Baltimore,  MD.  September  1993. 
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Saltman;  Roy  G.;  An  Integrity  Model  is  Needed  for  Computerized  Voting 
and  Similar  Systems.  16th  National  Computer  Security  Conference, 
Baltimore,  MD.  September  1993. 

Cuthill,  Barbara;  Object-Oriented  Design  for  Safety  Critical  Systems. 

Digital  Systems  Reliability  of  Nuclear  Safety  Workshop.  September  1993. 

Landberg,  Theodore:  Working  Implementation  Agreements  for  Open 
Systems  Interconnection  Protocols.  Output  from  September  1993  OIW 
Workshop. 

Lennon,  Elizabeth  B.;  Special  Eklition  CSL  Bulletin  for  the  Automotive 
Suppliers  Excellence  Conference,  Greenville,  SC.  September  1993. 

Brown,  A;  Carney,  D;  Obemdoft,  P;  and  Zelkowitz,  Marvin:  A Project  Support 
Environment  Reference  Model.  Tri  Ada  Conference,  Seattle,  Washington. 
September  1993. 

Lennon,  Elizabeth  B.;  North  American  Integrated  Services  Digital  Network 
(ISDN)  Users’  Forum  (NIUF),  June  22-25,  1993.  NIST  Journal  of  Research. 
September/October  1993. 

Polk,  W.  Timothy:  Approidmating  Clark-Wilson,  Access  Triples  with  Basic 
UNIX  Controls.  Proceedings  of  the  USENIX  UNIX  Security  Symposium  W. 
October  1993. 

Chang,  Yoon:  Su,  David  H.:  Wakid,  Shukri;  Qian,  X.:  Vaman.  The  Generic 
Flow  Control  (GFC)  Protocol,  A Performance  Assessment.  Conference  on 
Network  Protocols.  IEEE  Transactions.  October  1993. 

Wilson.  Charles  L.;  Omidvar,  Omid:  Information  Content  in  Nemal  Net 

Optimization.  Journal  of  Connection  Science.  1993. 

Branstad,  Dennis  K.:  Foreword  to  Book,  Computer  Communications 
Secmdty:  Principles,  Standard  Protocols  and  Techniques. 

Wallace,  Dolores  R.:  Lyle,  James  R.;  Ippolito,  Laura;  Gallagher,  Keith  B.; 

Accessing  Functional  Diversity  by  Program  Slicing.  Proceedings  of  21st 
Water  Reactor  Safety  Information  Meeting.  October  1993. 

Li,  N.R:.  and  Zelkowitz,  Marvin;  An  Information  Model  for  Use  in  Software 
Management  Estimation  and  Prediction.  2nd  International  Conference  on 
Information  and  Knowledge  Engineering,  Washington,  D.C.  November  1993. 

Favreau,  Jean- Philippe;  ISO/IEC  Workshop  on  Worldwide  Recognition  of 
OSI  Test  Results;  Regional  Progress  - North  America.  Proceedings  of 
JITCLC  Meeting.  November  1993. 
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Nightingale,  Stephen  J.;  Registration:  Practice  and  Pitfalls.  Proceedings  of 
the  Second  Workshop  on  Worldwide  Registration  of  OSI  Test  Results,  Brussels, 
Belgium.  November  1993. 

Flater,  David  W.;  Yesha,  Yelena;  Towards  Flexible  Distributed  Information 
Retrieval.  Lecture  Notes  in  Computer  Science,  Springer- Verlag,  Publisher. 
1993. 

Saltman,  Roy  G.;  Planning  the  Infrastructure  for  Global  Electronic 
Commerce.  Journal  of  Electronic  Data  Interchange. 

Burrows,  James  H.;  Radack,  Shirley  M.;  Information  Technology  Standards 
in  a Changing  World:  The  Role  of  the  Users.  World  Computer  Law  Congress. 

Binkley,  Dave;  Slicing  in  the  Presence  of  Parameter  Aliasing.  Proceedings  of 
the  3rd  Annual  Software  Engineering  Research  Forum,  Orlando,  FL.  November 
1993. 

Lyle,  James  R.;  Program  Slicing  in  the  Presence  of  Pointers.  Proceedings  of 
the  3rd  Annual  Software  Engineering  Research  Forum,  Orlando,  FL.  November 
1993. 

Wardle,  Caroline  E.;  Wallace,  Dolores  R.;  SQA  and  TQM  in  Software  Quality 
Improvement.  Proceedings  of  the  3rd  Annual  Software  Engineering  Research 
Forum,  Orlando,  FL.  November  1993. 

Radack,  Shirley  M.;  Computer  Networks:  Challenges  for  the  1990’s  Federal 
Data  Center  Issues.  A View  to  the  Future.  Federal  Data  Center  Directors 
Annual  Conference.  November  1993. 

Radack,  Shirley  M.;  Federal  Information  Processing  Standards:  What’s 
New.  Federation  Facts,  Federation  of  Government  Information  Processing 
Councils. 

Rosenthal,  Lynne,  S.;  Skall,  Mark,  W.;  CGM  Conformance  Testing  Basics  - 
Why  and  How.  CALS  Journal.  Winter  1993. 

Arkin,  E.M.;  Goodrich,  G.T.;  Mitchell,  J.S.B.;  Mount,  D.;  Piatko,  Christine  D.; 
Skiena,  S.S.;  Point  Probe  Decision  Trees  for  Geometric  Concept  Classes. 

Workshop  on  Algorithms  and  Data  Structures  Vol  709  of  Lecture  Notes  in 
Computer  Science.  Springer  Verlag,  Publisher.  1993. 

Wilson,  Charles  L.;  Ehraluation  of  Character  Recognition  Systems.  Proceed- 
ings of  IEEE  Workshop  on  Neural  Network  for  Signal  Processing  III.  1993. 
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Blue,  James  L.,  Candela,  Gerald;  Grother,  Patriek  J.;  Chellappa,  Ramalingam; 
and  Wilson,  Charles  L. ; Evaluation  of  Pattern  Classifiers  for  Fingerprint 
and  OCR  Applications.  1993. 

Newton,  Judith  J;  Data  Administration  Management  Association  Symposium, 
May  11-12,  1993,  NIST,  Gaithersburg,  MD.  NIST  Journal  of  Research, 
November/ December  1993. 

Jansen,  Wayne;  A Second  Look  at  the  SDNS  Key  Management  Protocol. 

Proceedings  of  the  9th  Annual  Computer  Security  Applications  Conference. 
December  1993. 

Zelkowitz,  Marvin;  The  Role  of  Verification  in  the  Software  Specification 
Process;  Advances  in  Computers.  1993. 

Gostin,  L.;  Turek-Brezina,  J.;  Powers,  M.;  Kozloff,  R.;  Faden,  R.;  Steinauer,  D.; 

Privacy  and  Secmity  of  Personal  Information  in  a New  Health  Care  System. 

Journal  of  the  American  Medical  Association. 
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mm. 

CONFERENCES  AND  WORKSHOPS 

October  1992  - December  1993 

1992 


October  9 

Lecture  Series  on  High  Integrity  Systems 

October  13-16 

15th  National  Computer  Security  Conference  (cosponsored  by  National 
Computer  Security  Center  [NCSC]) 

October  26-30 

North  American  ISDN  Users’  Forum  (NIUF) 

November  4-6 

First  Text  Retrieval  Conference  (TREC)  (cosponsored  by  Defense  Advanced 
Research  Project  Agency  [DARPA]) 

November  9 

NIST  Integrated  Software  Engineering  Environments  (ISEE)  Users’  Forum 

November  10 

Applications  Portability  Profile/Open  Systems  Environment  (APP/OSE)  Users’ 
Forum 

November  16-20 

Transcontinental  ISDN  Project  ’92  (TRIP  ’92)  (cosponsored  by  Corporation  for 
Open  Systems) 

November  30 

Computer  Security  Day 

December  1 

Lecture  Series  on  High  Integrity  Systems 

December  7 

GOSIP  Procurement  Symposium 

December  10-11 

Workshop  on  High  Integrity  Software 

December  14-18 

OSE  Implementors’  Workshop  (OIW)  (cosponsored  by  the  IEEE  Computer 
Society) 

1993 


February  8-12 

NIUF 

February  17-18 

Symposium  on  Digital  Signature  Applications 

Februaiy  23 

Software  Producibility  MODIL  Workshop 

February  23-24 

Federal  Information  Systems  Security  Educators’  Association  (FISSEA) 

February  25 

Lecture  Series  on  High  Integrity  Systems 

March  8-12 

OIW  (cosponsored  by  the  IEEE  Computer  Society) 

April  13 

DARPA  Spoken  Language  Technology  and  Applications  Day 

April  19-21 

Sigcat  ’93  National  Conference  on  CD-ROM 

1993 


April  28 

Lecture  Series  on  High  Integrity  Systems 

May  1 1-12 

6th  Annual  Data  Administration  Management  Management  Association  (DAMA) 
Symposium 

May  17-19 

Federal  Wireless  Users  Forum  (FWUF)  (cosponsored  by  National  Communica- 
tions System) 

May  25-26 

APP/OSE  Users’  Forum 

June  7-11 

OrW  (co-sponsored  by  IEEE  Computer  Society) 

June  14-17 

COMPASS  ’93  8th  Annual  Conference  on  Computer  Assurance  (cosponsored  by 
IEEE  and  the  IEEE  Aerospace  and  Electronic  Systems  Society) 

June  21-25 

NIUF 

July  20-21 

Workshop  on  Information  Technology  Security  Training  and  Professional  Devel- 
opment (cosponsored  by  Federal  Computer  Security  Program  Managers’  Forum; 
FISSEA;  International  Information  Systems  Security  Certification  Consortium; 
and  the  National  Security  Agency) 

August  17-18 

Nuclear  Industry  Symposium 

August  26 

MODIL  Workshop  on  Incentives 

August  30  Sept  1 

Text  Retrieval  Conference  (TREC2)  (cosponsored  by  DARPA) 

September  13-14 

Digital  Systems  Reliability  and  Nuclear  Safety  Workshop  (cosponsored  by 
Nuclear  Regulatory  Commission) 

September  13-17 

OrW  (cosponsored  by  IEEE  Computer  Society) 

September  20-23 

16th  National  Computer  Security  Conference  (cosponsored  by  NCSC) 

September  27-29 

FWUF  (cosponsored  by  National  Communications  System) 

October  18-22 

NIUF 

October  29 

Lecture  Series  on  High  Integrity  Systems 

November  16-17 

APP/OSE  Users’  Forum 

November  30 

Computer  Security  Day 

December  6-10 

OrW  (cosponsored  by  the  IEEE  Computer  Society) 

December  16 

Lecture  Series  on  High  Integrity  Systems 
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PLANNED  CONFERENCES  AND  WORKSHOPS 


1994 


January  12-13 

NIST  Workshop  on  the  Computer  Interface  to  Flat  Panel  Displays 

January  18-20 

FWUF  (cosponsored  by  National  Communications  System) 

February  7-11 

NIUF 

February  22-23 

FISSEA 

March  8 

Lecture  Series  on  High  Integrity  Systems 

March  14-18 

OIW  (cosponsored  by  the  IEEE  Computer  Society) 

May  9-10 

7th  Annual  DAMA  Symposium 

May  10 

Lecture  Series  on  High  Integrity  Systems 

May  1 1-12 

APP/OSE  Users’  Forum 

June  7-9 

FWUF  (cosponsored  by  National  Communications  System) 

June  13-17 

OrW  (cosponsored  by  the  IEEE  Computer  Society) 

June  20  - 24 

NIUF 

June  27-July  1 

COMPASS  ’94  (cosponsored  by  IEEE  and  the  IEEE  Aerospace  and  Electronic 
Systems  Society) 

September  12-16 

OIW  (cosponsored  by  the  IEEE  Computer  Society) 

September  26-28 

FWUF  (cosponsored  by  National  Communications  System) 

October  3-7 

NIUF 

November  15-16 

APP/OSE  Users’  Forum 

December  12-16 

OrW  (cosponsored  by  the  IEEE  Computer  Society) 
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TALKS 


During  the  past  year,  CSL  staff  members  presented  papers  and  gave  talks  to  a 
large  number  of  external  organizations,  including  the  following: 

Advanced  Research  Projects  Agency  (ARPA) 

Aerospace  Industry  Association 

Air  Force  Brilliant  Eyes  Technology  Conference 

American  National  Standards  Institute  (ANSI) 

American  Bar  Association 

American  Society  for  Industrial  Security 

America’s  Telecommunications  Standards  Symposium 

Armed  Forces  Communications  and  Electronics  Association  (AFCEA) 

Association  for  Computing  Machinery  (ACM) 

Bell  Atlantic 
Bureau  of  Census 

Canadian  Communications  Security  Establishment 
Canadian  GTA,  Government  Telecommunications  Agency 

ClKM-93  2nd  International  Conference  on  Information  and  Knowledge  Manage- 
ment 

Computer-aided  Acquisition  and  Logistic  Support  (CALS)  EXPO  ’93 
Computer  and  Business  Equipment  Manufacturers  Association  (CBEMA) 
Computer  Integrated  Manufacturing  Conference 
Council  of  Federal  Data  Center  Directors 
CRYPTO  ’93 

Data  Administration  Management  Association  (DAMA) 

Data  Interchange  Standards  Association 
Data  Processing  Management  Association 
Defense  Information  Systems  Agency  (DISA) 

Department  of  Defense 
Department  of  Education 
Department  of  Energy 
Department  of  Justice 
Department  of  the  Treasury 
Department  of  Veterans  Affairs 
Dynacorp  Meridian 

EDI  and  Government  Computer  News  Conference 
Electronic  Data  Interchange  National  Conference 
European  ISDN  Users’  Forum 
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Federal  Aviation  Administration 
Federal  Bureau  of  Investigation 
Federal  Government  Industry  Poliey  Couneil 

Federal  Information  Systems  Security  Educators’  Association  (FISSEA) 

Federal  Networking  Council 

Federal  Wireless  Users’  Forum  (FWUF) 

Federation  of  Government  Information  Processing  Councils 

Fingerprint  Image  Analysis  Workshop 
Frederick  County  Board  of  Education 

Geographic  Information  & Spatial  Data  Exposition  (GISDEX) 

George  Washington  University 

Goethe  University  Medical  Center,  Frankfurt  on  Main,  Germany 
Government  Users’  ISDN  Security  Conference 

Hewlett-Packard 

Information  Systems  Security  Association 
Institute  of  Supercomputing  Research  of  Japan 
Institute  of  Electrical  and  Electronics  Engineers  (IEEE) 

Integration  Definition  (IDEF)  Language  Users’  Group 
Interagency  Working  Group  on  Management  of  Data  for  Global  Change 
Intergovernmental  Council  of  Information  Processors 
Internal  Revenue  Service  (IRS) 

International  Conference  on  Parallel  Processing 
International  Data  Administration  Symposium 
International  Security  Symposium 
International  SIGIR  Conference 
INTEROP  ’93 

Johns  Hopkins  University 

LASERS  and  Electro -Optics  Society  (LEOS) 

Library  of  Congress 

Los  Alamos  National  Laboratory  - Workshop  on  Parallel  Computers 

MITRE  Corporation 
Mumps  Users’  Group 
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National  Aeronautics  and  Space  Administration 

National  Communications  System 

National  Computer  Center 

National  Engineering  Consortium 

National  On-Line  Conference 

National  Computer  Security  Conference 

NATO  Conference  on  Affordable  Communications  and  Information  Systems  Security 
NCR  Corporation 

North  American  ISDN  Users’  Forum  (NIUF) 

Northeastern  University 
Nuclear  Regulatory  Commission 

Office  of  Technology  Assessment 

Open  Systems  Environment  (OSE)  Implementors’  Workshop  (OfW) 

Overseas  Security  Advisory  Council 

Paramax  Systems  Corporation 
Patent  and  Trademark  Office  (PTO) 

Research  Institute  of  Telecommunications  Transmission,  China 

Social  Security  Administration  (SSA) 

Software  Engineering  Institute 
Smithsonian  Seminar  on  Scientific  Imaging 
SQL  Access  Group 

Symposium  on  Computer  Applications  in  Medical  Care  (SCAMC  ’93) 

Symposium  on  Military  Communication  Networks 

Texas  Instrument  Corporation 

Text  REtrieval  Conferences  (TREC  and  TREC-2) 

United  States  Customs  Service 
University  of  Maryland 
University  of  Pittsburgh 

Washington  Area  ISDN  User  Group 
World  Bank 

X/OPEN 
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ELECTRONIC  PRODUCTS 


Standard  Reference  Databases  Developed  by  CSL 

NIST  Special  Databases 

1.  NIST  Binary  Images  of  Printed  Digits,  Alphas,  and  Text 

2.  NIST  Struetured  Forms  Referenee  Set  of  Binary  Images  (SFRS) 

3.  NIST  Binary  Images  of  Handwritten  Segmented  Characters 

4.  NIST  8-Bit  Gray  Scale  Images  of  Fingerprint  Image  Groups 

5.  IVTANTHERMO  PC 

6.  NIST  Structured  Forms  Reference  Set  of  Binary  Images  II  (SFRS2) 

7.  NIST  Test  Data  1:  Binary  Images  of  Handprinted  Segmented  Characters  (TSTI) 

8.  NIST  Machine-Print  Database  of  Gray  Scale  and  Binary  Images  (MPDB) 

9.  NIST  Mated  Fingerprint  Card  Pairs  fVoIumes  1-5) 

10. Supplemental  Fingerprint  Card  Data  (SFCD)  for  NIST  Special  Database  9 
1 1. Mated  Fingerprint  Card  Pairs  2 (MFCP2) 

NIST  Special  Software 

NIST  Scoring  Package  Release  1.0 

Standard  Reference  Materials  (SRMs)  Developed  by  CSL 


LM[  Number 

Description 

3200 

Magnetic  Tape-Reel 

3201 

Sec.  Std.  Mag.  Tape  Cartridge 

3202 

Sec.  Std.  Mag.  Tape  (12.65mm) 

3203 

Magnetic  Tape 

3204 

Magnetic  Tape 

3217 

Mag  Tape  Cart  Hi  Density 

9529 

Flexible  Disk  90 
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ELECTRONIC  BULLETIN  BOARDS 


CSL  operates  three  electronie  bulletin  boards  for  information  exchange: 


Information  about  computer  security 
9600  baud  only 


(301)  948-5717 
(301)  948-5140 


or  type  ’telnet  cs-bbs. nist.gov’  or  ’telnet  129.6.54.30’.  To  download  files, 
type  ’ftp  csrc.nist.gov’  or  ’ftp  129.6.54.1 1’.  Log  in  to  account  anonymous, 
using  your  Internet  address  as  the  password.  BBS  files  are  located  in 
directory  bbs. 

or  type  ’telnet  gopher.nist.gov’  or  ’telnet  129.6.2.2’ 

Information  about  data  management  (301)  948-2048 

activities  and  applications  and  948-2059 

Information  about  the  North  American  (301)  869-7281 

Integrated  Services  Digital  Network 
(ISDN)  Users’  Forum  (NIUF) 

or  telnet  to  129.6.53. 1 1 on  the  ARPANET/DDN. 


Users  can  reach  the  bulletin  boards  by  dialing  the  numbers  listed  above. 
Terminals  should  have  the  following  capabilities: 

ASCII,  300,  1200,  or  2400  baud  (9600  baud  available  for  computer  security 
bulletin  board  only) , 8 bits  with  no  parity  or  7 bits  with  even  parity,  1 stop  bit. 

If  a connection  is  not  established  at  the  end  of  two  rings  or  if  the  line  is  busy, 
hang  up  and  try  again. 

After  “CONNECT,”  strike  the  carriage  return  twice  and  the  system  will  be  ac- 
cessed. The  system  will  now  guide  you  through  the  bulletin  board  by  asking 
key  questions  and  providing  helpful  menus. 
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ACCESSING  INFORMATION  ON 
VALIDATED  PRODUCTS 


CSL  publishes  a Validated  Products  List  (VPL),  a collection  of  registers  describ- 
ing implementations  of  Federal  Information  Processing  Standards  (FIPS)  that 
have  been  validated  for  conformance  to  FIPS.  Updated  quarterly,  the  list  also 
contains  information  about  the  organizations,  test  methods,  and  procedures 
that  support  the  validation  programs. 

The  VPL  contains  conformance  testing  information  for  the  following  information 
technology  standards:  Programming  Languages  COBOL,  Fortran,  Ada,  Pascal, 
C,  and  MUMPS:  Database  Language  SQL;  Graphics;  GOSIP;  POSIX;  and  Com- 
puter Security.  Entries  in  the  printed  VPL  are  contained  in  WordPerfect, 

Version  5. 1 files. 

To  access  the  VPL  via  the  Internet: 

Type:  ftp  speckle.ncsl.nist.gov  (internet  address  is  129.6.59.2) 

Login  as  user  ftp 

Type  your  e-mail  address  as  the  password 
Type:  cd  pub/vpl 
Type:  binary 
Type:  dir 
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USER  GROUPS  SPONSORED  BY  CSL 


The  Open  System  Environment  (OSE)  Implementors’  Workshop  (OIW),  co- 
sponsored by  the  IEEE  Computer  Society,  meets  four  times  a year  to  discuss 
detailed  implementation  specifications  for  OSE  standards. 

CONTACT:  Albert  Landberg 

B-266  Technology  Building 

National  Institute  of  Standards  and  Technology 

Gaithersburg,  MD  20899-0001 

Telephone:  (301)  975-2245 

E-mail:  landberg@micf.nist.gov 

The  joint  ISDN  Users’  Workshop  and  ISDN  Implementors’  Workshop  of  the 
North  American  ISDN  Users’  Forum  (NIUF)  meets  three  times  a year  to  ad- 
dress application  requirements  and  to  develop  application  profiles  for  ISDN 
products  and  services. 

CONTACT:  Dawn  Hoffman 

B-364  Materials  Building 

National  Institute  of  Standards  and  Technology 
Gaithersburg,  MD  20899-0001 
Telephone:  (301)  975-2937 
E-mail:  dawn@isdn.ncsl.nist.gov 

The  Applications  Portability  Profile/Open  System  Environment  (APP/OSE) 
Users’  Forum  meets  twice  a year  to  identify  federal  requirements  and  to  dis- 
cuss the  development  of  an  architectural  approach  to  applications  portability 
in  an  open  system  environment. 

CONTACT:  Joe  Hungate 

B-266  Technology  Building 

National  Institute  of  Standards  and  Technology 

Gaithersburg,  MD  20899-0001 

Telephone:  (301)  975-3368 

E-mail : hungate@ swe . ncsl . nist . gov 

The  Federal  Wireless  Users’  Forum,  co-sponsored  by  the  National  Communi- 
cations System,  meets  three  a year  to  provide  information  on  wireless  technol- 
ogy and  capabilities,  to  identify  the  needs  of  federal  users,  and  to  address 
wireless  communications  issues. 

CONTACT:  Tish  Antonishek 

A-216  Technology  Building 

National  Institute  of  Standards  and  Technology 

Gaithersburg,  MD  20899-0001 

Telephone:  (301)  975-2922 

E-mail:  tish@dsys.ncsl.nist.gov 
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FIPS  PUBLICATIONS  LIST 
BY  FIPS  NUMBER 

1993  December 


FIPS  NO.  CATEGORY  TITLE-DATE 


CHANGE  NOTICES 


0 


1-2 


2-1 


3-1 


4-1 


5-2 


6-4 


7 


8-5 


9-1 


(1) P  General  Description  of  FIPS  Register 

68  Nov  01 

(2&3)S  Code  for  Information  Interchange,  Its 

Representations,  Subsets,  and  Extension 
(ANSI  X3.4-1986R92,  X3.41-1990,  X3,41-1990) 

84  Nov  14 

(2) S  Perforated  Tape  Code  for  Information  Interchange 

(ANSI  X3.6-1965/R1965/R1983  & R1991) 

84  Nov  14 

WITHDRAWN 

(4)S  Representation  for  Calendar  Date  and  Ordinal  Date 

for  Information  Interchange  (ANSI  X3.30-1985/R1991) 
88  Jan  27 

(4)S  Codes  for  the  Identification  of  the  States,  the 

District  of  Columbia  and  the  Outlying  Areas  of  the 
United  States,  and  Associated  Areas 
87  May  28 

(4)S  Counties  and  Equivalent  Entities  of  the  United  States, 
Its  Possessions,  and  Associated  Areas 
90  Aug  31 

WITHDRAWN 

(4}S  Metropolitan  Statistical  Areas  (MSAs) 

(Including  CMSAs,  PMSAs,  and  NECMAs) 

84  Oct  31 

(4)S  Congressional  Districts  of  the  U.S. 

90  Nov  30 


1 


1 


1 


2 

1 


6 


* Approved  in  1993 

Categoiy  Key:  (1)  General  Publications  (2)  Hardware  Standards/guidelines  (3)  Software 
Standards/guidelines  (4)  Data  Standards/guidelines  (5)  Computer  Security  Standards/guidelines 
(6)  ADP  Operations  Standards/guidelines  (7)  Telecommunications  Standards 

S-Standard  G-Guideline  P-Program  Information  Document 
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FIPS  NO.  CATEGORY 


TITLE-DATE 


CHANGE  NOTICES 


10-3 

(4)S 

Countries,  Dependencies,  Areas  of  Special 

Sovereignty,  and  their  Principal  Admin.  Divs. 

84  Feb  09 

15 

11-3 

(3)G 

Guideline:  American  National  Dictionary  for 

Inform.  Systems  (ANSI  X3. 172-1990  & X3. 172A-1992) 

91  Feb  01 

1 

12-2 

WITHDRAWN 

1 

13 

(2)S 

Rectangular  Holes  in  Twelve-Row  Punched  Cards 
(ANSI  X3.21-1967/R1980  & R1991) 

71  Oct  01 

14-1 

(2)S 

Hollerith  Punched  Card  Code  (ANSI  X3.26-1980/R1991) 

80  Dec  24 

15 

WITHDRAWN 

1 

16-1 

(7)S 

Bit  Sequencing  of  Code  for  Information  Interchange 
in  Serial-By-Bit  Data  Transmission 
(ANSI  X3.15-1976/R1983  & R1990) 

77  Sept  01 

17-1 

(7)S 

Character  Stmcture  and  Char.  Parity  Sense  for  Serial-By-Bit  Data  Communica 
tion  in  the  Code  for  Inform.  Interchg.  (ANSI  X3. 16-1976/R1983  & R1990) 

77  Sept  01 

18-1 

(6)S 

WITHDRAWN 

1 

19-2 

(4)G 

Catalog  of  Widely  Used  Code  Sets 

92  July  01 

20 

WITHDRAWN 

1 

21-3 

(3)S 

COBOL  (ANSI  X3.23-1985  & X3.23A-1989) 

90  Jan  12  2 


* Approved  in  1993 

Category  Key:  (1)  General  Publications  (2)  Hardware  Standards/guidelines  (3)  Software 
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FIPS  NO.  CATEGORY 


TITLE-DATE 


CHANGE  NOTICES 


22-1 


23 

24 

25 

26 


27 


28 

29-3 


*30 

31 


32-1 


33-1 


(7)S  Synchronous  Signaling  Rates  Between  Data  Terminal 
and  Data  Communication  Equip.  (ANSI  X3. 1-1976) 

77  Sept  01 

WITHDRAWN 

WITHDRAWN 

WITHDRAWN 

(2)S  One-Inch  Perforated  Paper  Tape  for  Information  Interchange 
(ANSIX3.18-1967/R1974,  R1982,  & R1990) 

73  June  30 

(2)S  Take-Up  Reels  for  One-Inch  Perforated  Tape  for  Information 
Interchg.  (ANSI  X3.20-1967/R1982  & R1990) 

73  June  30 

WITHDRAWN 

(1&3)P  Interpretation  Procedures  for  Federal  Information 
Processing  Standards  for  Software 
92  Oct  29 

WITHDRAWN 

(5)G  Guidelines  for  Automatic  Data  Processing 
Physical  Security  and  Risk  Management 

74  June 

(2)S  Character  Sets  for  Optical  Char.  Recognition  (OCR) 
(ANSIX3.2-1970/R1976,  X3. 17-1981/R1989, 
X3.49-1975/R1982  & R1989) 

82  June  25 

(2)S  Character  Set  for  Handprinting  (ANSI  X.3.45-1982/R1989) 
84  Nov  05 


1 

1 

1 


2 


1 


*Approved  in  1993 

Category  Key:  (1)  General  Publications  (2)  Hardware  Standards/guidelines  (3)  Software 
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FIPS  NO.  CATEGORY 


TITLE-DATE 


CHANGE  NOTICES 


34 


35 

36 

37 

38 


39 

40 

41 


42-1 


43 

44 

45 


*46-2 


(1) P  Guide  for  the  Use  of  International  System  of  Units  (SI) 

in  Federal  Information  Processing  Standards  Publications 

75  Jan  01 

WITHDRAWN 

WITHDRAWN 

WITHDRAWN 

(3) G  Guidelines  for  Documentation  of  Computer 

Programs  and  Automated  Data  Systems 

76  Feb  15 

WITHDRAWN 

(2) G  Guideline  for  Optical  Character  Recognition  Forms 

76  May  01 

(5) G  Computer  Security  Guidelines  for 

Implementing  the  Privacy  Act  of  1974 

75  May  30 

(6) G  Guidelines  for  Benchmarking  ADP  Systems 

in  the  Competitive  Procurement  Environment 

77  May  15 

WITHDRAWN 

WITHDRAWN 

(4) G  Guide  for  the  Development,  Implementation  & 

Maintenance  of  Standards  for  the  Representation 
of  Computer  Processed  Data  Elements 

76  Sept  30 

(5) S  Data  Enciyption  Standard 

93  Dec  30 


47 


WITHDRAWN 


1 

1 

1 


1 


1 

1 


1 


* Approved  in  1993 
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FIPS  NO.  CATEGORY  TITLE-DATE 

48  (5)G  Guidelines  on  Evaluation  of  Techniques  for 

Automated  Personal  Identification 
77  Apr  01 

49  (6)G  Guideline  on  Computer  Performance  Management: 

An  Introduction 
77  May  01 

50  WITHDRAWN 

51  WITHDRAWN 

52  WITHDRAWN 


CHANGE  NOTICES 


1 

1 

1 


*53 


WITHDRAWN 


54-1 


55DC-4 


55-2 


(2)S  Computer  Output  Microform  (COM)  Formats 
and  Reduction  Ratios,  16  mm  and  105  mm 
(ANSI/AIIM  MS5-1991  & MS14-1988) 

91  Jan  15 

(4)G  Guideline:  Codes  for  Named  Populated  Places 
Primary  County  Divisions,  and  Other  Locational 
Entities  of  the  United  States  and  Outlying  Areas 
87  Jan  16 

(4)G  Same  as  55DC  except  without  codes 
87  Feb  03 


56  (6)G  Guideline  for  Managing  Multivendor 

Plug-Compatible  ADP  Systems 
78  Sept  15 

57  (6)G  Guidelines  for  the  Measurement  of  Interactive  Computer 

Service  Response  Time  and  Turnaround  Time 
78  Aug  01 


1 


1 


1 


*Approved  in  1993 
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FIPS  NO.  CATEGORY 


TITLE-DATE 


CHANGE  NOTICES 


58-1 

(4)S 

Representations  of  Local  Time  of  the  Day  for 

Information  Interchange  (ANSI  X3. 43- 1986) 

88  Jan  27 

59 

(4)S 

Representations  of  Universal  Time,  Local  Time 

Differentials,  and  United  States  Time  Zone  References 
for  Information  Interchange  (ANSI  X3.5 1-1975) 

79  Feb  01 

60-2 

WITHDRAWN 

3 

61-1 

WITHDRAWN 

2 

62 

WITHDRAWN 

3 

63-1 

WITHDRAWN 

2 

63-1 

Supplement 

WITHDRAWN 

2 

64 

(3)G 

Guidelines  for  Documentation  of  Computer  Programs 
and  Automated  Data  Systems  for  the  Initiation  Phase 

79  Aug  01 

65 

(5)G 

Guideline  for  Automatic  Data  Processing  Risk  Analysis 

79  Aug  01 

66 

(4)S 

Standard  Industrial  Classification  (SIC)  Codes 

79  Aug  15 

2 

67 

(2)G 

Guideline  for  Selection  of  Data  Entry  Equipment 

79  Sept  30 

68-2 

(3)S 

BASIC  (ANSI  X3. 113- 1987) 

87  Aug  28 

69-1 

(3)S 

FORTRAN  (ANSI  X3.9-1978/R1989) 

85  Dec  24 


’'‘Approved  in  1993 
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)-l 

71 

72 

73 

74 

75 

76 

77 

78 

79 

80 


CATEGORY  TITLE-DATE 


(4) S  Representation  of  Geographic  Point  Locations 

for  Information  Interchange  (ANSI  X3.6 1-1986) 

86  Nov  14 

(7)S  Advanced  Data  Communications  Control  Procedures 
(ADCCP)  {ANSIX3.66-1979/R1990) 

80  May  14 

(6)G  Guidelines  for  Measurement  of  Remote  Batch 
Computer  Service 
80  May  01 

(5] G  Guidelines  for  Security  of  Computer  Applications 

80  June  30 

(5) G  Guidelines  for  Implementing  and  Using 

the  NBS  Data  Encryption  Standard 

81  Apr  01 

(6) G  Guideline  on  Constructing  Benchmarks 

for  ADP  System  Acquisitions 
80  Sept  18 

{3)G  Guideline  for  Planning  and  Using  a 
Data  Dictionary  System 
80  Aug  20 

(3)G  Guideline  for  Planning  and  Management 
of  Database  Applications 
80  Sept  0 1 

(7) G  Guideline  for  Implementing  Advanced  Data 

Communication  Control  Procedures  (ADCCP) 

80  Sept  26 

WITHDRAWN 

WITHDRAWN 


CHANGE  NOTICES 


1 


1 

1 
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FIPS  NO.  CATEGORY 

TITLE-DATE  CHANGE  NOTICES 

81  (5)S 

DES  Modes  of  Operation 

80  Dec  02  1 

82  (2)G 

Guideline  for  Inspection  and  Quality  Control 
for  Alphanumeric  Computer-Output  Microfonns 
(ANSI/AIIM  MSI- 1980) 

80  Sept  26 

83  (5)G 

Guideline  on  User  Authentication  Techniques 
for  Computer  Network  Access  Control 

80  Sept  29 

84  (2)S 

Microfilm  Readers  (ANSI/AIIM  (NMA)  MS20-1979) 

80  Oct  31 

85  (2)S 

Optical  Character  Recognition  (OCR) 

(ANSI  X3.86-1980/R1987) 

80  Nov  07 

86  (2)S 

Additional  Controls  for  Use  with  Amer.  Natl.  Std.  Code 
for  Inform.  Interchg.  (ANSI  X3.64-1979/R1990) 

81  Jan  29  2 

87  (5)G 

Guidelines  for  ADP  Contingency  Planning 

81  Mar  27 

88  (3)G 

Guideline  on  Integrity  Assurance  and  Control 
in  Database  Administration 

81  Aug  14 

89  (2)S 

Optical  Character  Recognition  (OCR)  Character 

Positioning  (ANSI  X3.93M- 198 1/R 1989) 

8 1 Sept  04 

90  (2)G 

Guideline  for  Optical  Character  Recognition  (OCR) 

Print  Quality  (ANSI  X3.99/R1991) 

83  Sept  29 

91 

WITHDRAWN  1 

’^Approved  in  1993 
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S NO. 

92 

93 

94 

*95-1 

96 

97 

98 

99 

100-1 

101 

102 


CATEGORY  TITLE-DATE 


(4)G  Guideline  for  Standard  Oecupational  Classifieation 
(SOC)  Codes 
83  Feb  24 

WITHDRAWN 

(2)G  Guideline  on  Eleetrical  Power  for  ADP  Installations 
83  Sept  21 

(4)S  Codes  for  the  Identification  of  Federal 
and  Federally  Assisted  Organizations 
93  Jan  04 

(6)G  Guideline  for  Developing  and  Implementing  a 
Charging  System  for  Data  Proeessing  Services 
82  Dec  06 


WITHDRAWN 


CHANGE  NOTICES 


1 


2 


WITHDRAWN  2 

(3)G  Guideline:  A Framework  for  the  Evaluation  and 
Comparison  of  Software  Development  Tools 
83  Mar  31 

(7)S  Interface  Between  Data  Terminal  Equipment  (DTE)  and 

Data  Cireuit-Terminating  Equipment  (DCE)  for  Operation 
with  Paeket-Switehed  Data  Networks  (PSDN),  or  Between 
Two  DTEs,  by  Dedicated  Circuit  (ANSI  X3. 100-1989) 

91  Mar  20 

(3)G  Guideline  for  Lifeeycle  Validation,  Verification, 
and  Testing  of  Computer  Software 
83  June  06 

(5)G  Guideline  for  Computer  Seeurity 
Certification  and  Accreditation 
83  Sept  27 
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FIPS  NO. 

CATEGORY 

TITLE-DATE 

CHANGE  NOTICES 

103 

(4)S 

Codes  for  the  Identification  of  Hydrologic  Units  in  the 
United  States  and  the  Caribbean  Outlying  Areas 
(USGS/ CIRCULAR  #878-A  & ANSI  X3. 145- 1986) 

83  Nov  15 

1 

104-1 

(4)S 

ANS  Codes  for  the  Representation  of  Names  of 

Countries,  Dependencies,  and  Areas  of  Special 
Sovereignty  for  Information  Interchange 

86  May  12 

1 

105 

(3)G 

Guideline  for  Software  Documentation  Management 

84  June  06 

106 

(3)G 

Guideline  on  Software  Maintenance 

84  June  15 

107 

(2&3)S 

Local  Area  Networks:  Baseband  Carrier  Sense 

Multiple  Access  with  Collision  Detection  Access 

Method  and  Physical  Layer  Specifications  and 

Link  Layer  Protocol  (ANSI /IEEE  802.2  & 802.3) 

84  Oct  31 

108 

(2)S 

Alphanumeric  Computer  Output  Microform 

Quality  Test  Slide  (AIIM  MS28-1983) 

84  Nov  05 

109 

(3)S 

Pascal  (ANSI/IEEE  770X3.97- 1983/R1990) 

85  Jan  16 

no 

(3)G 

Guideline  for  Choosing  a Data  Management  Approach 

84  Dec  1 1 

111 

WITHDRAWN 

2 

112 

(5)S 

Password  Usage 

85  May  30 

113 

(5)S 

Computer  Data  Authentication 

85  May  30 
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FIPS  NO. 

CATEGORY 

TITLE-DATE 

CHANGE  NOTICES 

114 

WITHDRAWN 

1 

115 

WITHDRAWN 

1 

116 

WITHDRAWN 

1 

117 

WITHDRAWN 

1 

118 

WITHDRAWN 

1 

119 

(3)S 

Ada  {ANSI/MIL-STD-1815A-1983) 

85  Nov  08 

1 

120-1 

(3)S 

Graphical  Kernel  System  (GKS)  (ANSI  X3. 124- 1985, 

X3. 124. 1-1985,  X3. 124.2-1988,  X3. 124.3- 1989) 

91  Jan  08 

121 

(2&3)S 

Videotext/Teletext  Presentation  Level 

Protocol  S3nitax  (North  American  PLPS) 
(ANSIX3.110-1983(R1991)/CS  T500-1983) 

86  May  06 

122 

WITHDRAWN 

1 

123 

(3)S 

Specification  for  a Data  Descriptive  File  for  Information 
Interchange  (DDF)  (ANSI/ISO  821 1-1985/R1992) 

86  Sept  19 

124 

(3)G 

Guideline  on  Functional  Specifications  for 

Database  Management  Systems 

86  Sept  30 

*125-1 

(3)S 

MUMPS  (ANSI/MDC  XI  1.1-1990) 

93  June  10 

126 

(3)S 

Database  Language  NDL  (ANSI  X3. 133-1986) 

87  Mar  10 

*127-2  (3)S  Database  Language  SQL  (ANSI  X3. 135- 1992) 

93  June  02 
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FIPS  NO.  CATEGORY 


TITLE-DATE 


CHANGE  NOTICES 


*128-1 

129 

130 

131 

132 

133 
134-1 

135 


(3)S  Computer  Graphics  Metafile  (CGM) 

(ANSI/ISO  8632.1-4:1992  & MIL-D-28003A) 

93  May  1 1 

(2) S  Optical  Character  Recognition  (OCR)  - Dot  Matrix 

Character  Sets  for  OCR-MA  (ANSI  X3. 1 11-1986) 
87  May  06 

WITHDRAWN 

WITHDRAWN 

(3) G  Guideline  for  Software  Verification  and 

Validation  Plans  (ANSI/IEEE  1012-1986) 

87  Nov  19 

WITHDRAWN 

WITHDRAWN 

WITHDRAWN 


2 

2 


1 

1 

1 


136 

137 


138 


139 


140 


WITHDRAWN 

(7)S  Analog  to  Digital  Conversion  of  Voice  by 

2,400  Bit/ Second  Linear  Predictive  Coding 
84  Nov  28 

(7)S  Electrical  Characteristics  of  Balanced 
Voltage  Digital  Interface  Circuits 
75  Sept  24 

(7)S  Interoperability  and  Security  Requirements  for 
Use  of  the  Data  Encryption  Standard  in  the 
Physical  Layer  of  Data  Communications 
83  Aug  03 

(7)S  General  Security  Requirements  for  Equipment 
Using  the  Data  Encryption  Standard 
82  Apr  14 


1 
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FIPS  NO. 

CATEGORY 

TITLE-DATE  CHANGE  NOTICES 

141 

(7)S 

Interoperability  and  Seeurity  Requirements  for 

Use  of  the  Data  Eneiyption  Standard  with 

CCITT  Group  3 Faesimile  Equipment 

85  Apr  04 

142 

(7)S 

Eleetiical  Characteristics  of  Unbalanced 

Voltage  Digital  Interface  Circuits 

80  Jan  31 

143 

(7)S 

General  Purpose  37-Position  and  9-Position  Interface 

Between  Data  Terminal  Equipment  and  Data 

Circuit-Terminating  Equipment  (EIA-RS-449) 

85  June  10 

144 

(7)S 

Data  Communication  Systems  and  Services  User-Oriented 
Performance  Parameters  (ANSI  X3. 102-1983/R1990) 

85  May  28 

145 

WITHDRAWN 

1 

146-1 

(2&3)S 

Government  Open  Systems  Interconnection  Profile  (GOSIP) 

91  Apr  03 

1 

147 

(7)S 

Group  3 Facsimile  Apparatus  for  Document  Transmission 

81  Aug  19 

148 

(7)S 

Procedures  for  Document  Facsimile  Transmission  (EIA-RS-466) 

82  Apr  14 

149 

(7)S 

General  Aspects  of  Group  4 Facsimile  Apparatus  {EIA-536-1988) 

88  Nov  04 

150 

(7)S 

Facsimile  Coding  Schemes  and  Coding  Control  Functions 
for  Group  4 Facsimile  Apparatus  (EIA- 538- 1988) 

88  Nov  04 
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FIPS  NO. 
*151-2 

152 

153 

154 

155 

156 

157 

*158-1 

159 


CATEGORY  TITLE-DATE 


CHANGE  NOTICES 


(3)S  Portable  Operating  System  Interface  (POSIX)  - 

System  Application  Program  Interface  [C  Language] 

(ISO/IEC  9945-1:1990) 

93  May  12 

(3)S  Standard  Generalized  Markup  Language  (SGML) 

(ISO  8879-1986) 

88  Sept  26 

(3)S  Programmer’s  Hierarchical  Interactive  Graphics  System 
(ANSI/ISO  9592.1.2.3:1989,  ISO/IEC  9593.1:1990, 

ANSl/ISO  9593.3:1990  & 9593.4:1991) 

88  Oct  14  2 

(7)S  High  Speed  25-Position  Interface  for  Data  Terminal  Equipment 
and  Data  Circuit-Terminating  Equipment  (EIA-530-1987) 

88  Nov  04 

(7)S  Data  Communication  Systems  and  Services  User-Oriented 
Performance  Measurement  Methods  (ANSI  X3. 141-1987) 

88  Nov  04 

(3)S  Information  Resource  Dictionary  System  (IRDS) 

(ANSI  X3. 138- 1988  &X3.138A- 1991)) 

89  Apr  05  1 

(2) G  Guideline  for  Quality  Control  of  Image  Scanners 

(ANSI/AIIM  MS44-1988) 

89  Sept  13 

(3) S  The  User  Interface  Component  of  the  Applications 

Portability  Profile  (MIT  X Version  1 1 , Release  5) 

93  Oct  08 

(7)S  Detail  Specification  for  62.5um  Core  Diameter/ 125-um 
Cladding  Diameter  Class  la  Multimode,  Graded-Index 
Optical  Waveguide  Fibers  (ANSI/EIA/TIA-492AAAA-1989) 

90  Dec  27 
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FIPS  NO. 

CATEGORY 

TITLE-DATE  CHANGE  NOTICES 

160 

(3)S 

C (ANSI/ISO  9899:1992) 

91  Mar  13 

1 

*161-1 

(3)S 

Electronic  Data  Interchange  (EDI) 

93  Apr  19 

162 

(7)S 

1,200  Bits  Per  Second  Two-wire  Duplex  Modems  for 

Data  Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

(Supersedes  FIPS  PUB  136/Former  Federal  Standard  1008) 

163 

(7)S 

2,400  Bits  Per  Second  Two-Wire  Duplex  Modems  for 

Data  Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

(Supersedes  FIPS  PUB  133/Former  Federal  Standard  1005A) 

164 

(7)S 

2,400  Bits  Per  Second  Four- Wire  Duplex  and 

Two-Wire  Half-Duplex  Modems  for  Data 

Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

(Supersedes  FIPS  PUB  133/Former  Federal  Standard  1005A) 

165 

{7)S 

4,800  Bits  Per  Second  Four- Wire  Duplex  and 

Two-Wire  Half-Duplex  Modems  for  Data 

Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

(Supersedes  FIPS  PUB  134-1 /Former  Federal  Standard  1006A) 

166 

(7)S 

4,800  and  9,600  Bits  Per  Second  Two-wire  Duplex  Modems 
for  Data  Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

(Supersedes  FIPS  PUB  134-1 /Former  Federal  Standard  1006A) 

167 

(7)S 

9,600  Bits  Per  Second  Four- Wire  Duplex  Modems  for 

Data  Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

(Supersedes  FIPS  PUB  135/Former  Federal  Standard  1007) 
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FIPS  NO.  CATEGORY 

TITLE-DATE  CHANGE  NOTICES 

168  (7)S 

12,000  and  14,400  Bits  Per  Second  Four-Wire  Duplex  Modems 
for  Data  Communications  Use  on  Telephone-Type  Circuits 

92  Apr  02 

169  (7)S 

Error  Correction  in  Modems  Employing 

Asynchronous-To-Synchronous  Conversion 

92  Apr  02 

170  (7)S 

Data  Compression  in  Modems  Employing  CCITT 

Recommendation  V.42  Error  Correction 

92  Apr  02 

171  (5)S 

Key  Management  Using  ANSI  X9. 17  (ANSI  X9. 17-1985) 

92  Apr  27 

172  (3)S 

VHSIC  Hardware  Description  Language  (VHDL) 

(ANSI/IEEE  1076-1987) 

92  June  29 

173  (3)S 

Spatial  Data  Transfer  Standard  (SDTS)  (DOI/USGS  Specs.) 

92  August  28 

174  (7)S 

Federal  Building  Telecommunications  Wiring  Standard 
(ANSI/EIA/TIA- 568- 1991) 

92  August  2 1 

175  (7)S 

Federal  Building  Standard  for  Telecommunications 

Pathways  and  Spaces  (ANSI/EIA/TIA-569-1990) 

92  Aug  2 1 

176  (7}S 

Residential  and  Light  Commercial  Telecommunications 

Wiring  Standard  (ANSI/EIA/TIA-570-1991) 

92  Aug  2 1 

177  (3)S 

Initial  Graphics  Exchange  Specification  (IGES) 

(ASME/ANSI  Y14.26M-1989) 

92  Nov  30 
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FIPS  NO. 


TITLE-DATE 


CHANGE  NOTICES 


178 

179 

*180 

*181 

*182 

*183 

*184 


CATEGORY 

(7)S  Video  Teleconferencing  Services  at  56  to  1,920  kb/s 

(CCnr  Series  H Recommendations  H.221;230;242;261:320  - 1990) 
92  Dec  21 

(2&3)S  Government  Network  Management  Profile  (GNMP) 

92  Dec  14 

(5)S  Secure  Hash  Standard  (SHS) 

93  May  1 1 

(5)S  Automated  Password  Generator  (APG) 

93  Oct  5 

(7)S  Integrated  Services  Digital  Network  (ISDN) 

93  Oct  5 

(3)S  Integration  Definition  for  Function  Modeling  (IDEFO) 

93  Dec  21 

(3)S  Integration  Definition  for  Information  Modeling  (IDEFIX) 

93  Dec  21 
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The  Computer  Systems  Laboratory  Annual  Report  - 1993  describes  the  annual 
computer  and  related  telecommunications  activities  and  accomplishments  of  the 
laboratory.  Following  the  Director's  Foreword,  a CSL  overview  is  presented, 
followed  by  overviews  of  the  five  technical  divisions.  The  Technology  Trans- 
fer section  describes  the  vehicles  used  by  CSL  to  disseminate  research  and 
technical  information  to  the  public.  A list  of  Federal  Information  Processina 
Standards  (FIPS)  and  FIPS  order  information  conclude  the  annual  report. 
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